Security Advisory

CVE-2025-12383

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-18 15:14:37
Last updated 2025-11-18 21:34:35
Assigner eclipse
State PUBLISHED

Description

In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cause ignoring of critical SSL configurations - such as mutual authentication, custom key/trust stores, and other security settings. This issue may result in SSLHandshakeException under normal circumstances, but under certain conditions, it could lead to unauthorized trust in insecure servers (see PoC)