[KAFKA-12655] CVE-2021-28165 - Upgrade jetty to 9.4.39 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.7.0, 2.6.1
Fix Version/s: 2.8.0, 2.7.1, 2.6.2, 3.0.0
Component/s: None
Labels:
- CVE
- security

Description

CVE-2021-28165 vulnerability affects Jetty versions up to 9.4.38. For more information see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28165

Upgrading to Jetty version 9.4.39 should address this issue (https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.39.v20210325).

Attachments

Issue Links

links to

GitHub Pull Request #10526

Activity

People

Assignee:: Dongjin Lee

Reporter:: Edwin Hobor

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 12/Apr/21 08:15

Updated:: 15/Jul/21 13:20

Resolved:: 13/Apr/21 06:41