[jira] [Resolved] (KAFKA-17807) Update jetty-http & jetty-server [CVE-2024-6763] [CVE-2024-8184]

Sun, 20 Oct 2024 11:56:11 -0700 


     [ 
https://issues.apache.org/jira/browse/KAFKA-17807?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Chia-Ping Tsai resolved KAFKA-17807.
------------------------------------
      Assignee: Chia-Ping Tsai
    Resolution: Fixed

> Update jetty-http & jetty-server [CVE-2024-6763] [CVE-2024-8184]
> ----------------------------------------------------------------
>
>                 Key: KAFKA-17807
>                 URL: https://issues.apache.org/jira/browse/KAFKA-17807
>             Project: Kafka
>          Issue Type: Bug
>    Affects Versions: 3.8.0, 3.7.1, 3.9.0
>            Reporter: Vishal
>            Assignee: Chia-Ping Tsai
>            Priority: Blocker
>
> # jetty-http
> [https://nvd.nist.gov/vuln/detail/CVE-2024-6763]
> Current jetty-http version: 9.4.54.v20240208
> Fix versions: 12.0.12
>  # jetty-server
> jetty-server, is vulnerable to 
> [https://nvd.nist.gov/vuln/detail/CVE-2024-8184]
> current jetty-server version: 9.4.54.v20240208
> Fix Version : 10.0.24, 11.0.24, 12.0.9, 9.4.56
> I created this report after I got an automated notification from a security 
> image scanner.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to