exploitDog

CVE-2025-70045

Опубликовано: 23 фев. 2026

Источник: nvd

CVSS3: 7.4

EPSS Низкий

Описание

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in jxcore jxm master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTPS request options when 'jx_obj.IsSecure' is true

Ссылки

https://gist.github.com/zcxlighthouse/bd5852a409c97438016f2c476f8461d9
Third Party Advisory
https://github.com/jxcore
Product
https://github.com/jxcore/jxm
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jxcore:jxm:-:*:*:*:*:*:*:*

EPSS

Процентиль: 7%

0.00169

Низкий

7.4 High

CVSS3

Дефекты

CWE-295

Связанные уязвимости

GHSA-h2mx-ppvp-v2rq

CVSS3: 7.4

github

4 месяца назад

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in jxcore jxm master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTPS request options when 'jx_obj.IsSecure' is true

EPSS

Процентиль: 7%

0.00169

Низкий

7.4 High

CVSS3

Дефекты

CWE-295