Karthick created KARAF-7520: ------------------------------- Summary: Stepup pax web Jetty to solve multiple CVEs Key: KARAF-7520 URL: https://issues.apache.org/jira/browse/KARAF-7520 Project: Karaf Issue Type: Bug Components: karaf Affects Versions: 4.3.7, 4.4.0 Reporter: Karthick
Hi, There are multiple vulnerabilities reported on Jetty 9.4.46 that could be solved by lifting them to new versions. See the following issues [https://nvd.nist.gov/vuln/detail/CVE-2022-2047] [https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgmr-mf83-7x4j] [https://nvd.nist.gov/vuln/detail/CVE-2022-2191] -- This message was sent by Atlassian Jira (v8.20.10#820010)