[
https://issues.apache.org/jira/browse/FELIX-6569?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Akanksha Jain updated FELIX-6569:
---------------------------------
Description:
Vulnerability: [https://nvd.nist.gov/vuln/detail/CVE-2022-2048]
Description:
[https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j]
Summary:
Felix version <= 4.2.1 uses Jetty version < 9.4.46 which is vulnerable to
CVE-2022-2048.
The fix for the above vulnerability is available in Jetty version 9.4.47.
10.0.10, 11.0.10.
> Felix embeds vulnerable version of Jetty (CVE-2022-2048)
> --------------------------------------------------------
>
> Key: FELIX-6569
> URL: https://issues.apache.org/jira/browse/FELIX-6569
> Project: Felix
> Issue Type: Bug
> Reporter: Akanksha Jain
> Priority: Major
>
> Vulnerability: [https://nvd.nist.gov/vuln/detail/CVE-2022-2048]
> Description:
> [https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j]
>
> Summary:
> Felix version <= 4.2.1 uses Jetty version < 9.4.46 which is vulnerable to
> CVE-2022-2048.
> The fix for the above vulnerability is available in Jetty version 9.4.47.
> 10.0.10, 11.0.10.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
