Dimitri Tenenbaum

**Name of the Vulnerable Software and Affected Versions** Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 **Description** A race condition in Eclipse Jersey’s SSL configuration processing can lead to the ignoring of critical SSL configurations, including mutual authentication and custom key/trust stores. This may result in `SSLHandshakeException` errors, but under certain conditions, could allow unauthorized trust in insecure servers. **Recommendations** Update Eclipse Jersey to a version that addresses this race condition.