[jira] [Updated] (KAFKA-17807) Update jetty-http & jetty-server [CVE-2024-6763] [CVE-2024-8184]

Josep Prat (Jira) Wed, 16 Oct 2024 08:10:46 -0700


     [ 
https://issues.apache.org/jira/browse/KAFKA-17807?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Josep Prat updated KAFKA-17807:
-------------------------------
    Affects Version/s: 3.7.1
                       3.8.0

> Update jetty-http & jetty-server [CVE-2024-6763] [CVE-2024-8184]
> ----------------------------------------------------------------
>
>                 Key: KAFKA-17807
>                 URL: https://issues.apache.org/jira/browse/KAFKA-17807
>             Project: Kafka
>          Issue Type: Bug
>    Affects Versions: 3.8.0, 3.7.1, 3.9.0
>            Reporter: Vishal
>            Priority: Blocker
>             Fix For: 4.0.0, 3.9.0, 3.7.2, 3.8.1
>
>
> # jetty-http
> [https://nvd.nist.gov/vuln/detail/CVE-2024-6763]
> Current jetty-http version: 9.4.54.v20240208
> Fix versions: 12.0.12
>  # jetty-server
> jetty-server, is vulnerable to 
> [https://nvd.nist.gov/vuln/detail/CVE-2024-8184]
> current jetty-server version: 9.4.54.v20240208
> Fix Version : 10.0.24, 11.0.24, 12.0.9, 9.4.56
> I created this report after I got an automated notification from a security 
> image scanner.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (KAFKA-17807) Update jetty-http & jetty-server [CVE-2024-6763] [CVE-2024-8184]

Reply via email to