[KARAF-7520] Stepup pax web Jetty to solve multiple CVEs - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Not A Problem
Affects Version/s: 4.4.0, 4.3.7
Fix Version/s: None
Component/s: karaf
Labels:
- vulnerability

Description

Hi,

There are multiple vulnerabilities reported on Jetty 9.4.46 that could be solved by lifting them to new versions. See the following issues

https://nvd.nist.gov/vuln/detail/CVE-2022-2047

https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j

https://nvd.nist.gov/vuln/detail/CVE-2022-2191

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Karthick

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 11/Jul/22 05:55

Updated:: 25/Sep/22 12:39

Resolved:: 11/Jul/22 07:34