[JOC-1130] Update Jetty from 9.4.18.v20190429 to 9.4.43.v20210629 due to 3rd party vulnerability issue CVE-2021-28165 and CVE-2020-27218 - SOS JIRA

XML

Word

Printable

Details

Type: Fix
Status: Released (View Workflow)
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.13.10
Component/s: JOC Cockpit GUI
Labels:
None

Description

Current Situation

Currently JOC Cockpit uses Jetty version 9.4.18.v20190429
vulnerabilities affect this version,
- see https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-28165
- see https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-27218

Desired Behavior

Due to a vulnerability Issue of older Jetty releases the JOC Cockpit should use the current version 9.4.43.v20210629 that fixes the issues.

Attachments

Activity

People

Assignee:: Oliver Haufe

Reporter:: Oliver Haufe

Approver:: Divyani Rathore

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 16 August 2021 14:37

Updated:: 18 December 2021 01:36

Resolved:: 16 August 2021 14:55