Improper Certificate Validation

Overview yapi-vendor is a YAPI Affected versions of this package are vulnerable to Improper Certificate Validation due to the HTTPS agent configuration setting rejectUnauthorized: false. An attacker can intercept and manipulate network traffic by performing a man-in-the-middle attack. Remediation...

CVE-2025-70043

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in Ayms node-To master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in TLS socket options...

CVE-2025-70045

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in jxcore jxm master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTPS request options when 'jxobj.IsSecure' is true...

CVE-2025-70029

An issue in Sunbird-Ed SunbirdEd-portal v1.13.4 allows attackers to obtain sensitive information. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTP request options...