data-transfer-project icon indicating copy to clipboard operation
data-transfer-project copied to clipboard
verified publisher icon google

There is a vulnerability in Jetty: Java based HTTP/1.x, HTTP/2, Servlet, WebSocket Server 9.4.8.v20171121,upgrade recommended

Open QiAnXinCodeSafe opened this issue 3 years ago • 3 comments

https://github.com/google/data-transfer-project/blob/ef53a7e92ef77a3efe0bdc378262215d0fe7498d/extensions/transport/portability-transport-jettyrest/build.gradle#L31

CVE-2017-7657 CVE-2017-7658 CVE-2021-28165 CVE-2020-27216 CVE-2017-7656

Recommended upgrade version:9.4.43.v20210629

QiAnXinCodeSafe avatar Jun 07 '22 08:06 QiAnXinCodeSafe

I have created a PR for this.

rai31218 avatar Apr 13 '23 12:04 rai31218