Hi Kai,
TBC is for single users and launches its private localhost jetty server
for testing of EDG and for development of EDG customizations only. The
jetty of TBC is never exposed to external users who could exploit this
vulnerability. Even in the worst case, if you elect to trigger this bug
yourself, all you need to do is restart TBC. If someone from the outside
manages to invoke services from the TBC jetty server at localhost, then
you may have many other problems than this vulnerability.
Holger
On 2021-11-06 8:15 pm, Kai Liu wrote:
Hi,
our IT department reported that the TBC ME 7.0.3 running on Win10 has
a vulnerability problem related to the used Eclipse Jetty version
9.4.35.v20201120. The corresponding bug report is here:
https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128
Could you please suggest me how to solve it in TBC ME 7.0.3?
Thanks.
Best regards, Kai
--
You received this message because you are subscribed to the Google
Groups "TopBraid Suite Users" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/topbraid-users/06df0790-7025-4be2-a122-a9bbd870fe3cn%40googlegroups.com
<https://groups.google.com/d/msgid/topbraid-users/06df0790-7025-4be2-a122-a9bbd870fe3cn%40googlegroups.com?utm_medium=email&utm_source=footer>.
--
You received this message because you are subscribed to the Google Groups "TopBraid
Suite Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/topbraid-users/b1b4b542-5c80-7ef3-4da8-63fe9845904e%40topquadrant.com.
