Critical severityNVD Advisory· Published Nov 18, 2025· Updated Nov 18, 2025
Race Condition allows Bypass of Trust Restrictions
CVE-2025-12383
Description
In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cause ignoring of critical SSL configurations - such as mutual authentication, custom key/trust stores, and other security settings. This issue may result in SSLHandshakeException under normal circumstances, but under certain conditions, it could lead to unauthorized trust in insecure servers (see PoC)
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.glassfish.jersey.core:jersey-clientMaven | >= 2.45, < 2.46 | 2.46 |
org.glassfish.jersey.core:jersey-clientMaven | >= 3.0.16, < 3.0.17 | 3.0.17 |
org.glassfish.jersey.core:jersey-clientMaven | >= 3.1.9, < 3.1.10 | 3.1.10 |
Affected products
145- osv-coords144 versionspkg:apk/chainguard/apache-hoppkg:apk/chainguard/apache-hop-fipspkg:apk/chainguard/apache-pulsarpkg:apk/chainguard/apache-pulsar-compatpkg:apk/chainguard/celeborn-0.5pkg:apk/chainguard/celeborn-0.5-compatpkg:apk/chainguard/celeborn-0.6pkg:apk/chainguard/celeborn-0.6-compatpkg:apk/chainguard/kafka-3.7pkg:apk/chainguard/kafka-3.8pkg:apk/chainguard/kafka-3.9pkg:apk/chainguard/kafka-4.0pkg:apk/chainguard/kafka-bitnami-compat-3.7pkg:apk/chainguard/kafka-bitnami-compat-3.8pkg:apk/chainguard/kafka-bitnami-compat-3.9pkg:apk/chainguard/kafka-bitnami-compat-4.0pkg:apk/chainguard/kafka-iamguarded-compat-4.0pkg:apk/chainguard/neo4j-2025.04pkg:apk/chainguard/neo4j-2025.04-docker-publishpkg:apk/chainguard/neo4j-2025.05pkg:apk/chainguard/neo4j-2025.05-docker-publishpkg:apk/chainguard/neo4j-2025.06pkg:apk/chainguard/neo4j-2025.06-browserpkg:apk/chainguard/neo4j-2025.06-docker-publishpkg:apk/chainguard/neo4j-2025.07pkg:apk/chainguard/neo4j-2025.07-browserpkg:apk/chainguard/neo4j-2025.07-docker-publishpkg:apk/chainguard/neo4j-2025.08pkg:apk/chainguard/neo4j-2025.08-browserpkg:apk/chainguard/neo4j-2025.08-docker-publishpkg:apk/chainguard/neo4j-2025.09pkg:apk/chainguard/neo4j-2025.09-browserpkg:apk/chainguard/neo4j-2025.09-docker-publishpkg:apk/chainguard/neo4j-2025.10pkg:apk/chainguard/neo4j-2025.10-browserpkg:apk/chainguard/neo4j-2025.10-docker-publishpkg:apk/chainguard/neo4j-4.4pkg:apk/chainguard/neo4j-4.4-docker-publishpkg:apk/chainguard/neo4j-5.26pkg:apk/chainguard/neo4j-5.26-docker-publishpkg:apk/chainguard/neo4j-5.26-oci-entrypointpkg:apk/chainguard/pyspark-scala-2.13pkg:apk/chainguard/spark-3.5pkg:apk/chainguard/spark-3.5-bitnami-compatpkg:apk/chainguard/spark-3.5-compatpkg:apk/chainguard/spark-3.5-minimalpkg:apk/chainguard/spark-3.5-minimal-openjdk-11pkg:apk/chainguard/spark-3.5-minimal-openjdk-17pkg:apk/chainguard/spark-3.5-minimal-openjdk-8pkg:apk/chainguard/spark-3.5-openjdk-11pkg:apk/chainguard/spark-3.5-openjdk-17pkg:apk/chainguard/spark-3.5-openjdk-8pkg:apk/chainguard/spark-3.5-scala-2.12pkg:apk/chainguard/spark-3.5-scala-2.12-bitnami-compatpkg:apk/chainguard/spark-3.5-scala-2.12-compatpkg:apk/chainguard/spark-3.5-scala-2.12-iamguarded-compatpkg:apk/chainguard/spark-3.5-scala-2.12-minimal-openjdk-11pkg:apk/chainguard/spark-3.5-scala-2.12-minimal-openjdk-17pkg:apk/chainguard/spark-3.5-scala-2.12-minimal-openjdk-8pkg:apk/chainguard/spark-3.5-scala-2.12-openjdk-11pkg:apk/chainguard/spark-3.5-scala-2.12-openjdk-17pkg:apk/chainguard/spark-3.5-scala-2.12-openjdk-8pkg:apk/chainguard/spark-3.5-scala-2.13pkg:apk/chainguard/spark-3.5-scala-2.13-compatpkg:apk/chainguard/spark-3.5-scala-2.13-openjdk-11pkg:apk/chainguard/spark-3.5-scala-2.13-openjdk-17pkg:apk/chainguard/spark-3.5-scala-2.13-openjdk-8pkg:apk/chainguard/spark-4.0pkg:apk/chainguard/spark-4.0-scala-2.13pkg:apk/chainguard/spark-4.0-scala-2.13-compatpkg:apk/chainguard/spark-fips-3.5pkg:apk/chainguard/spark-fips-3.5-scala-2.12pkg:apk/chainguard/spark-fips-3.5-scala-2.12-compatpkg:apk/chainguard/spark-fips-3.5-scala-2.13pkg:apk/chainguard/spark-fips-3.5-scala-2.13-compatpkg:apk/chainguard/webswingpkg:apk/chainguard/wso2ispkg:apk/chainguard/wso2is-compatpkg:apk/chainguard/wso2is-docpkg:apk/wolfi/apache-pulsarpkg:apk/wolfi/apache-pulsar-compatpkg:apk/wolfi/celeborn-0.5pkg:apk/wolfi/celeborn-0.5-compatpkg:apk/wolfi/celeborn-0.6pkg:apk/wolfi/celeborn-0.6-compatpkg:apk/wolfi/kafka-3.8pkg:apk/wolfi/kafka-3.9pkg:apk/wolfi/kafka-4.0pkg:apk/wolfi/kafka-bitnami-compat-3.8pkg:apk/wolfi/kafka-bitnami-compat-3.9pkg:apk/wolfi/kafka-bitnami-compat-4.0pkg:apk/wolfi/kafka-iamguarded-compat-4.0pkg:apk/wolfi/neo4j-2025.04pkg:apk/wolfi/neo4j-2025.04-docker-publishpkg:apk/wolfi/neo4j-2025.05pkg:apk/wolfi/neo4j-2025.05-docker-publishpkg:apk/wolfi/neo4j-2025.06pkg:apk/wolfi/neo4j-2025.06-browserpkg:apk/wolfi/neo4j-2025.06-docker-publishpkg:apk/wolfi/neo4j-2025.07pkg:apk/wolfi/neo4j-2025.07-browserpkg:apk/wolfi/neo4j-2025.07-docker-publishpkg:apk/wolfi/neo4j-2025.08pkg:apk/wolfi/neo4j-2025.08-browserpkg:apk/wolfi/neo4j-2025.08-docker-publishpkg:apk/wolfi/neo4j-2025.09pkg:apk/wolfi/neo4j-2025.09-browserpkg:apk/wolfi/neo4j-2025.09-docker-publishpkg:apk/wolfi/neo4j-2025.10pkg:apk/wolfi/neo4j-2025.10-browserpkg:apk/wolfi/neo4j-2025.10-docker-publishpkg:apk/wolfi/neo4j-5.26pkg:apk/wolfi/neo4j-5.26-docker-publishpkg:apk/wolfi/neo4j-5.26-oci-entrypointpkg:apk/wolfi/pyspark-scala-2.13pkg:apk/wolfi/spark-3.5pkg:apk/wolfi/spark-3.5-bitnami-compatpkg:apk/wolfi/spark-3.5-compatpkg:apk/wolfi/spark-3.5-minimalpkg:apk/wolfi/spark-3.5-minimal-openjdk-11pkg:apk/wolfi/spark-3.5-minimal-openjdk-17pkg:apk/wolfi/spark-3.5-minimal-openjdk-8pkg:apk/wolfi/spark-3.5-openjdk-11pkg:apk/wolfi/spark-3.5-openjdk-17pkg:apk/wolfi/spark-3.5-openjdk-8pkg:apk/wolfi/spark-3.5-scala-2.12pkg:apk/wolfi/spark-3.5-scala-2.12-bitnami-compatpkg:apk/wolfi/spark-3.5-scala-2.12-compatpkg:apk/wolfi/spark-3.5-scala-2.12-iamguarded-compatpkg:apk/wolfi/spark-3.5-scala-2.12-minimal-openjdk-11pkg:apk/wolfi/spark-3.5-scala-2.12-minimal-openjdk-17pkg:apk/wolfi/spark-3.5-scala-2.12-minimal-openjdk-8pkg:apk/wolfi/spark-3.5-scala-2.12-openjdk-11pkg:apk/wolfi/spark-3.5-scala-2.12-openjdk-17pkg:apk/wolfi/spark-3.5-scala-2.12-openjdk-8pkg:apk/wolfi/spark-3.5-scala-2.13pkg:apk/wolfi/spark-3.5-scala-2.13-compatpkg:apk/wolfi/spark-3.5-scala-2.13-openjdk-11pkg:apk/wolfi/spark-3.5-scala-2.13-openjdk-17pkg:apk/wolfi/spark-3.5-scala-2.13-openjdk-8pkg:apk/wolfi/spark-4.0pkg:apk/wolfi/spark-4.0-scala-2.13pkg:apk/wolfi/spark-4.0-scala-2.13-compatpkg:maven/org.glassfish.jersey.core/jersey-client
< 2.16.0-r0+ 143 more
- (no CPE)range: < 2.16.0-r0
- (no CPE)range: < 2.15.0-r16
- (no CPE)range: < 4.1.2-r0
- (no CPE)range: < 4.1.2-r0
- (no CPE)range: < 0.5.4-r10
- (no CPE)range: < 0.5.4-r10
- (no CPE)range: < 0.6.1-r1
- (no CPE)range: < 0.6.1-r1
- (no CPE)range: < 3.7.2-r47
- (no CPE)range: < 3.8.1-r47
- (no CPE)range: < 3.9.1-r6
- (no CPE)range: < 4.0.1-r1
- (no CPE)range: < 3.7.2-r47
- (no CPE)range: < 3.8.1-r47
- (no CPE)range: < 3.9.1-r6
- (no CPE)range: < 4.0.1-r1
- (no CPE)range: < 4.0.1-r1
- (no CPE)range: < 2025.04.0-r9
- (no CPE)range: < 2025.04.0-r9
- (no CPE)range: < 2025.05.1-r8
- (no CPE)range: < 2025.05.1-r8
- (no CPE)range: < 2025.06.2-r8
- (no CPE)range: < 2025.06.2-r8
- (no CPE)range: < 2025.06.2-r8
- (no CPE)range: < 2025.07.1-r8
- (no CPE)range: < 2025.07.1-r8
- (no CPE)range: < 2025.07.1-r8
- (no CPE)range: < 2025.08.0-r5
- (no CPE)range: < 2025.08.0-r5
- (no CPE)range: < 2025.08.0-r5
- (no CPE)range: < 2025.09.0-r2
- (no CPE)range: < 2025.09.0-r2
- (no CPE)range: < 2025.09.0-r2
- (no CPE)range: < 2025.10.1-r1
- (no CPE)range: < 2025.10.1-r1
- (no CPE)range: < 2025.10.1-r1
- (no CPE)range: < 4.4.46-r1
- (no CPE)range: < 4.4.46-r1
- (no CPE)range: < 5.26.16-r1
- (no CPE)range: < 5.26.16-r1
- (no CPE)range: < 5.26.16-r1
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 4.0.1-r2
- (no CPE)range: < 4.0.1-r2
- (no CPE)range: < 4.0.1-r2
- (no CPE)range: < 3.5.4-r17
- (no CPE)range: < 3.5.4-r17
- (no CPE)range: < 3.5.4-r17
- (no CPE)range: < 3.5.4-r17
- (no CPE)range: < 3.5.4-r17
- (no CPE)range: < 24.2.2-r1
- (no CPE)range: < 7.2.0-r0
- (no CPE)range: < 7.2.0-r0
- (no CPE)range: < 7.2.0-r0
- (no CPE)range: < 4.1.2-r0
- (no CPE)range: < 4.1.2-r0
- (no CPE)range: < 0.5.4-r10
- (no CPE)range: < 0.5.4-r10
- (no CPE)range: < 0.6.1-r1
- (no CPE)range: < 0.6.1-r1
- (no CPE)range: < 3.8.1-r47
- (no CPE)range: < 3.9.1-r6
- (no CPE)range: < 4.0.1-r1
- (no CPE)range: < 3.8.1-r47
- (no CPE)range: < 3.9.1-r6
- (no CPE)range: < 4.0.1-r1
- (no CPE)range: < 4.0.1-r1
- (no CPE)range: < 2025.04.0-r9
- (no CPE)range: < 2025.04.0-r9
- (no CPE)range: < 2025.05.1-r8
- (no CPE)range: < 2025.05.1-r8
- (no CPE)range: < 2025.06.2-r8
- (no CPE)range: < 2025.06.2-r8
- (no CPE)range: < 2025.06.2-r8
- (no CPE)range: < 2025.07.1-r8
- (no CPE)range: < 2025.07.1-r8
- (no CPE)range: < 2025.07.1-r8
- (no CPE)range: < 2025.08.0-r5
- (no CPE)range: < 2025.08.0-r5
- (no CPE)range: < 2025.08.0-r5
- (no CPE)range: < 2025.09.0-r2
- (no CPE)range: < 2025.09.0-r2
- (no CPE)range: < 2025.09.0-r2
- (no CPE)range: < 2025.10.1-r1
- (no CPE)range: < 2025.10.1-r1
- (no CPE)range: < 2025.10.1-r1
- (no CPE)range: < 5.26.16-r1
- (no CPE)range: < 5.26.16-r1
- (no CPE)range: < 5.26.16-r1
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 3.5.7-r3
- (no CPE)range: < 4.0.1-r2
- (no CPE)range: < 4.0.1-r2
- (no CPE)range: < 4.0.1-r2
- (no CPE)range: >= 2.45, < 2.46
- Eclipse Foundation/Jerseyv5Range: 2.45
Patches
Vulnerability mechanics
References
12- github.com/advisories/GHSA-7p63-w6x9-6gr7ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-12383ghsaADVISORY
- github.com/eclipse-ee4j/jersey/commit/425bc883d8d623ef8d3c448fafd36729f7741bcbghsaWEB
- github.com/eclipse-ee4j/jersey/commit/b2c7ba6d388cb9722f39073d7e82aa818fec49d5ghsaWEB
- github.com/eclipse-ee4j/jersey/pull/5749ghsaWEB
- github.com/eclipse-ee4j/jersey/pull/5794ghsaWEB
- github.com/eclipse-ee4j/jersey/releases/tag/2.46ghsaWEB
- github.com/eclipse-ee4j/jersey/releases/tag/3.0.17ghsaWEB
- github.com/eclipse-ee4j/jersey/releases/tag/3.1.10ghsaWEB
- github.com/eclipse-ee4j/jersey/releases/tag/4.0.0-M2ghsaWEB
- gitlab.eclipse.org/security/cve-assignment/-/issues/74ghsaWEB
- gitlab.eclipse.org/security/vulnerability-reports/-/issues/253ghsaWEB
News mentions
0No linked articles in our index yet.