[ZOOKEEPER-4599] Upgrade Jetty to avoid CVE-2022-2048 - ASF JIRA

XML

Word

Printable

JSON

CVE ID	Type	Severity	Packages	Package Version	CVSS	Fix Status
CVE-2022-2048	java	high	org.eclipse.jetty_jetty-io	9.4.43.v20210629	7.5	fixed in 11.0.9, 10.0.9, 9.4.47

Our security scan detected the above vulnerabilities

upgrade to correct versions for fixing vulnerabilities

is a clone of

ZOOKEEPER-4439 Upgrade zk vulnerabilities

relates to

ZOOKEEPER-4532 CVE-2022-2296-Upgrade jetty to 9.4.46.v20220331