Details
-
Bug
-
Status: Resolved
-
Blocker
-
Resolution: Fixed
-
3.8.0, 3.7.1, 3.9.0
-
None
-
None
-
None
Description
- jetty-http
https://nvd.nist.gov/vuln/detail/CVE-2024-6763
Current jetty-http version: 9.4.54.v20240208
Fix versions: 12.0.12
- jetty-server
jetty-server, is vulnerable to https://nvd.nist.gov/vuln/detail/CVE-2024-8184
current jetty-server version: 9.4.54.v20240208
Fix Version : 10.0.24, 11.0.24, 12.0.9, 9.4.56
I created this report after I got an automated notification from a security image scanner.
Attachments
Attachments
Issue Links
- is related to
-
KAFKA-16437 Upgrade to Jakarta and JavaEE 10 in Kafka 4.0 (KIP-1032)
- In Progress
1.
|
Update Jetty to 9.4.56 for trunk, 3.8 and 3.7 | Resolved | Josep Prat | ||
2.
|
Update Jetty to 9.4.56 for 3.9 | Resolved | Josep Prat |