[KARAF-7777] Update Eclipse Jetty to solve CVE-2023-44487 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Dependency upgrade
Status: Resolved
Priority: Major
Resolution: Invalid
Affects Version/s: 4.4.4
Fix Version/s: None
Component/s: karaf
Labels:
- security

Description

As per https://nvd.nist.gov/vuln/detail/CVE-2023-44487, Eclipse Jetty till 9.4.52 is affected by this vulnerability. To solve it, upgrade to 9.4.53 should be used. Hence this 3pp update is needed in Karaf.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Prabhakaran Rajendran

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 30/Oct/23 04:52

Updated:: 30/Oct/23 06:59

Resolved:: 30/Oct/23 06:59