[
https://issues.apache.org/jira/browse/KARAF-7887?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Prabhakaran Rajendran updated KARAF-7887:
-----------------------------------------
Description:
Eclipse Jetty till 9.4.54 is affected by this below vulnerabilities. To solve
it, upgrade to 9.4.56 should be used. Hence this 3pp update is needed in Karaf.
CVE-2024-8184
CVE-2024-6762
CVE-2024-6763
was:As per [https://nvd.nist.gov/vuln/detail/CVE-2023-44487], Eclipse Jetty
till 9.4.52 is affected by this vulnerability. To solve it, upgrade to 9.4.53
should be used. Hence this 3pp update is needed in Karaf.
> Update Eclipse Jetty to solve CVE-2024-8184, CVE-2024-6762, CVE-2024-6763
> -------------------------------------------------------------------------
>
> Key: KARAF-7887
> URL: https://issues.apache.org/jira/browse/KARAF-7887
> Project: Karaf
> Issue Type: Dependency upgrade
> Components: karaf
> Affects Versions: 4.4.4
> Reporter: Prabhakaran Rajendran
> Priority: Major
> Labels: security
>
> Eclipse Jetty till 9.4.54 is affected by this below vulnerabilities. To solve
> it, upgrade to 9.4.56 should be used. Hence this 3pp update is needed in
> Karaf.
>
> CVE-2024-8184
> CVE-2024-6762
> CVE-2024-6763
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
