[
https://issues.apache.org/jira/browse/SM-5656?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jean-Baptiste Onofré updated SM-5656:
-------------------------------------
Fix Version/s: bundles-2023.11
> org.apache.servicemix.bundles.zookeeper:3.8.1_1 - security vulnerability
> CVE-2023-44981
> ---------------------------------------------------------------------------------------
>
> Key: SM-5656
> URL: https://issues.apache.org/jira/browse/SM-5656
> Project: ServiceMix
> Issue Type: Bug
> Components: bundles
> Reporter: Henrik Heiestad
> Assignee: Jean-Baptiste Onofré
> Priority: Major
> Fix For: bundles-2023.11
>
>
> org.apache.servicemix.bundles.zookeeper:3.8.1_1 - is affected by security
> vulnerability CVE-2023-44981
> {quote}Version Affected
> [3.7.0_1,3.8.1_1]
> Root Cause
> org.apache.servicemix.bundles.zookeeper-3.8.1_1.jarorg/apache/zookeeper/server/quorum/auth/SaslQuorumServerCallbackHandler.class[3.8.0
> , 3.8.3)
> org.apache.servicemix.bundles.zookeeper-3.8.1_1.jarorg/apache/zookeeper/server/quorum/auth/SaslQuorumServerCallbackHandler.class[3.5.4-beta,
> 3.7.2)
> Advisories
> Project[https://lists.apache.org/thread/wf0yrk84dg1942z1o74kd8nycg6pgm5b]
> Third Party[https://github.com/advisories/GHSA-7286-pgfv-vxvh]
> CVSS Details
> CVE CVSS 39.1
> CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N{quote}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
