Uploaded image for project: 'JOC - JobScheduler Operations Center'
  1. JOC - JobScheduler Operations Center
  2. JOC-1627

Update Jetty from 11.0.15 to 11.0.16 due to vulnerability CVE-2023-36479

    XMLWordPrintable

Details

    • CVE-2023-36479

    Description

      Current Situation

      Impact

      • We rate the impact to our software being low as our implementation does not make use of CGI. There is no exploit for JS7.

      Desired Behavior

      • JS7 JOC Cockpit should ship with the latest version 11.0.16 of Jetty which fixes the vulnerability.

      Attachments

        Issue Links

          Activity

            People

              sp Santiago Aucejo Petzoldt
              ap Andreas PĆ¼schel
              Pramokshi Narawariya Pramokshi Narawariya
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: