[
https://issues.apache.org/jira/browse/KAFKA-17807?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Vishal updated KAFKA-17807:
---------------------------
Description:
# jetty-http
[https://nvd.nist.gov/vuln/detail/CVE-2024-6763]
Current jetty-http version: 9.4.54.v20240208
Fix versions: 12.0.12
# jetty-server
jetty-server, is vulnerable to [https://nvd.nist.gov/vuln/detail/CVE-2024-8184]
current jetty-server version: 9.4.54.v20240208
Fix Version : 10.0.24, 11.0.24, 12.0.9, 9.4.56
I created this report after I got an automated notification from a security
image scanner.
was:
# jetty-http
[https://nvd.nist.gov/vuln/detail/CVE-2024-6763]
Current jetty-http version: 9.4.54.v20240208
Fix versions: 12.0.12
# jetty-server
jetty-server, is vulnerable to [https://nvd.nist.gov/vuln/detail/CVE-2024-8184]
current jetty-server version: 9.4.54.v20240208
Fix Version : 10.0.24, 11.0.24, 12.0.9, 9.4.56
I created this report after I got an automated notification from a security
image scanning.
> Update jetty-http & jetty-server [CVE-2024-6763] [CVE-2024-8184]
> ----------------------------------------------------------------
>
> Key: KAFKA-17807
> URL: https://issues.apache.org/jira/browse/KAFKA-17807
> Project: Kafka
> Issue Type: Bug
> Affects Versions: 3.9.0
> Reporter: Vishal
> Priority: Blocker
> Fix For: 4.0.0, 3.9.0, 3.8.1
>
>
> # jetty-http
> [https://nvd.nist.gov/vuln/detail/CVE-2024-6763]
> Current jetty-http version: 9.4.54.v20240208
> Fix versions: 12.0.12
> # jetty-server
> jetty-server, is vulnerable to
> [https://nvd.nist.gov/vuln/detail/CVE-2024-8184]
> current jetty-server version: 9.4.54.v20240208
> Fix Version : 10.0.24, 11.0.24, 12.0.9, 9.4.56
> I created this report after I got an automated notification from a security
> image scanner.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
