We did already a security scan, it detected CVE-2023-36478 and CVE-2023-44487
Both CVEs are related to HTTP2. I have thought that HTTP2 is not possible in Karaf 4.3. Can someone confirm this assumption. Regards Richard Am Do., 22. Feb. 2024 um 11:23 Uhr schrieb Chandan Singh < mailbox.chandansi...@gmail.com>: > Hi All , > > During a recent Security Scan we found a vulnerability reported > regarding the Jetty version in Apache Karaf 4.3.10 . Does anyone have > any recommendations on the same ? > > [image: image.png] > > > Regards > Chandan >