Uploaded image for project: 'JOC - JobScheduler Operations Center'
  1. JOC - JobScheduler Operations Center
  2. JOC-1627

Update Jetty from 11.0.15 to 11.0.16 due to vulnerability CVE-2023-36479

    XMLWordPrintable

Details

    • CVE-2023-36479

    Description

      Current Situation

      Impact

      • We rate the impact to our software being low as our implementation does not make use of CGI. There is no exploit for JS7.

      Desired Behavior

      • JS7 JOC Cockpit should ship with the latest version 11.0.16 of Jetty which fixes the vulnerability.

      Attachments

        Issue Links

          Activity

            People

              sp Santiago Aucejo Petzoldt
              ap Andreas Püschel
              Pramokshi Narawariya Pramokshi Narawariya
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: