VYPR

Uniffle

by Apache

Source repositories

CVEs (1)

  • CVE-2025-68637Jan 7, 2026
    risk 0.00cvss epss 0.00

    The Uniffle HTTP client is configured to trust all SSL certificates and disables hostname verification by default. This insecure configuration exposes all REST API communication between the Uniffle CLI/client and the Uniffle Coordinator service to potential Man-in-the-Middle…