Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-17807

Update jetty-http & jetty-server [CVE-2024-8184]

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Blocker
    • Resolution: Fixed
    • 3.8.0, 3.7.1, 3.9.0
    • None
    • None
    • None

    Description

      1. jetty-http

      https://nvd.nist.gov/vuln/detail/CVE-2024-6763

      Current jetty-http version: 9.4.54.v20240208

      Fix versions: 12.0.12

      1. jetty-server

      jetty-server, is vulnerable to https://nvd.nist.gov/vuln/detail/CVE-2024-8184

      current jetty-server version: 9.4.54.v20240208

      Fix Version : 10.0.24, 11.0.24, 12.0.9, 9.4.56

      I created this report after I got an automated notification from a security image scanner.

      Attachments

        Issue Links

        There are no Sub-Tasks for this issue.

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            chia7712 Chia-Ping Tsai
            vishaln Vishal
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment