3 matches found
GHSA-663H-2VR3-GHRJ yapi disables TLS/SSL certificate validation via rejectUnauthorized: false in Axios HTTPS agent
An issue pertaining to CWE-295: Improper Certificate Validation was discovered in YMFE yapi v1.12.0. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in the HTTPS agent configuration for Axios requests...
PT-2026-21522
Name of the Vulnerable Software and Affected Versions jxcore jxm master Description The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTPS request options when jx obj.IsSecure is true. This improper certificate validation could allow for...
PT-2026-7627
An issue in Sunbird-Ed SunbirdEd-portal v1.13.4 allows attackers to obtain sensitive information. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTP request options...