exploitDog

GHSA-h2mx-ppvp-v2rq

Опубликовано: 23 фев. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 7.4

Описание

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in jxcore jxm master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTPS request options when 'jx_obj.IsSecure' is true

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in jxcore jxm master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTPS request options when 'jx_obj.IsSecure' is true

Ссылки

EPSS

Процентиль: 6%

0.00169

Низкий

7.4 High

CVSS3

CVE ID

Дефекты

CWE-295

Связанные уязвимости

CVE-2025-70045

CVSS3: 7.4

nvd

4 месяца назад

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in jxcore jxm master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTPS request options when 'jx_obj.IsSecure' is true

EPSS

Процентиль: 6%

0.00169

Низкий

7.4 High

CVSS3

CVE ID

Дефекты

CWE-295