Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-4439

Upgrade zk vulnerabilities

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 3.6.3
    • None
    • None

    Description

      packages Package Version CVSS Fix version
      jetty-server 9.4.39.v20210325 5.5 fixed in 9.4.44
      jetty-servlet 9.4.39.v20210325 5.5 fixed in 9.4.44
      org.eclipse.jetty_jetty-servlet 9.4.39.v20210325 5.5 fixed in 9.4.44
      com.fasterxml.jackson.core_jackson-databind 2.10.5.1, 2.13.2.1 7.5 fixed in 2.14, 2.13.1, 2.12.6, 2.13.4
      jetty-io. (CVE-2021-34429) 9.4.39.v20210325 5.3 fixed in 11.0.6, 10.0.6, 9.4.43

      Our security scan detected the above vulnerabilities

      upgrade to correct versions for fixing vulnerabilities

      Attachments

        Issue Links

          is cloned by

          Task - A task that needs to be done. ZOOKEEPER-4599 Upgrade Jetty to avoid CVE-2022-2048

          • Major - Major loss of function.
          • Closed

          Activity

            People

              Unassigned Unassigned
              shivakumar Shivakumar
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated: