Vulnerability Database

320,453

Total vulnerabilities in the database

CVE-2025-12383

In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cause ignoring of critical SSL configurations - such as mutual authentication, custom key/trust stores, and other security settings. This issue may result in SSLHandshakeException under normal circumstances, but under certain conditions, it could lead to unauthorized trust in insecure servers (see PoC)

Published: Nov 18, 2025
Updated: Jan 17, 2026
CVE: CVE-2025-12383
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.4
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWEs:

CWE-362

Affected Software
References

Software	From	Fixed in
eclipse / jersey	2.45	2.45.x
eclipse / jersey	3.0.16	3.0.16.x
eclipse / jersey	3.1.9	3.1.9.x

https://gitlab.eclipse.org/security/cve-assignment/-/issues/74

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo