We did already a security scan, it detected CVE-2023-36478 and
CVE-2023-44487
Both CVEs are related to HTTP2. I have thought that HTTP2 is not possible
in Karaf 4.3.
Can someone confirm this assumption.
Regards
Richard
Am Do., 22. Feb. 2024 um 11:23 Uhr schrieb Chandan Singh <
[email protected]>:
> Hi All ,
>
> During a recent Security Scan we found a vulnerability reported
> regarding the Jetty version in Apache Karaf 4.3.10 . Does anyone have
> any recommendations on the same ?
>
> [image: image.png]
>
>
> Regards
> Chandan
>
