[jira] [Created] (FLUME-3388) Jetty(6.1.26) is vulnerable to vulnerability attack

Confuse (Jira) Mon, 22 Mar 2021 00:13:22 -0700

Confuse created FLUME-3388:
------------------------------

             Summary: Jetty(6.1.26) is vulnerable to vulnerability attack
                 Key: FLUME-3388
                 URL: https://issues.apache.org/jira/browse/FLUME-3388
             Project: Flume
          Issue Type: Dependency upgrade
          Components: Sinks+Sources
    Affects Versions: 1.9.0
            Reporter: Confuse
         Attachments: image-2021-03-22-15-08-46-549.png


Flume source codes depends jetty jar，as shown in the dependency tree figure 
below：

!image-2021-03-22-15-08-46-549.png!

but jetty 6.1.26 jar has many vulnerabilities，which make the user's business 
vulnerable to hackers. So, can we upgrade jetty jar to a version without 
vulnerabilities or latest version?



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Created] (FLUME-3388) Jetty(6.1.26) is vulnerable to vulnerability attack

Reply via email to