kruize / autotune

Autonomous Performance Tuning for Kubernetes!
Apache License 2.0

Bump jetty package to fix CVE-2023-36479 #1014

Closed bharathappali closed 10 months ago

bharathappali commented 10 months ago

Security issue - CVE-2023-36479

This PR adds the required version updates to fix the security issue. Although the latest available version of jetty is 12.0.3, we are moving to the nearest stable version to avoid any major integration issues. I would highly recommend testing the latest version and then proceeding to update to the latest.

NOTE: This is a quick fix.

bharathappali commented 10 months ago

The issue is with the package org.eclipse.jetty.servlets.CGI, and we are currently on version 9.4.44.v20210927.

This issue was patched in versions 9.4.52, 10.0.16, 11.0.16 and 12.0.0-beta2.

In 9, 10 and 11 the package is marked deprecated; in 12 it is removed.
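The fix versions listed in the comment above, turned into a version check (an added example, not code from this PR or from the Kruize project): it parses Jetty version strings of the form used in the thread (`9.4.44.v20210927`, `10.0.16`, `12.0.0-beta2`), classifies each against the first fixed release of its major line, and scans a constructed `mvn dependency:tree` excerpt for `org.eclipse.jetty` artifacts. The sample tree, its timestamps and the artifact names are constructed for the example; the note that the affected `org.eclipse.jetty.servlets.CGI` class ships in the `jetty-servlets` artifact is an assumption of this example, not something the PR states.

```python
"""Classify Jetty versions against the CVE-2023-36479 fix versions given in the PR thread."""
import re

# First fixed release per major line, as stated in the PR discussion.
# Jetty 12 drops org.eclipse.jetty.servlets.CGI entirely; 12.0.0-beta2 is the first build without it.
FIXED_IN = {
    9: "9.4.52",
    10: "10.0.16",
    11: "11.0.16",
    12: "12.0.0-beta2",
}

# Pre-release qualifiers sort below a final release of the same number.
_PRERELEASE_RANK = {"alpha": 0, "beta": 1, "rc": 2}
_RELEASE_RANK = 3

_VERSION_RE = re.compile(
    r"^(?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)"
    r"(?:\.v(?P<stamp>\d{8}))?"                      # Jetty 9 build stamp, e.g. .v20210927
    r"(?:-(?P<pre>alpha|beta|rc)(?P<pre_n>\d*))?$"   # pre-release qualifier, e.g. -beta2
)


def parse_jetty_version(text):
    """Return a comparable tuple (major, minor, patch, (pre_rank, pre_number))."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Jetty version: {text!r}")
    major, minor, patch = (int(m.group(k)) for k in ("major", "minor", "patch"))
    if m.group("pre"):
        pre = (_PRERELEASE_RANK[m.group("pre")], int(m.group("pre_n") or 0))
    else:
        pre = (_RELEASE_RANK, 0)
    return (major, minor, patch, pre)


def classify(version):
    """'vulnerable', 'fixed', or 'not covered' (major lines the thread does not list)."""
    key = parse_jetty_version(version)
    major = key[0]
    if major < 9:
        return "not covered"          # the thread gives no fix version for older lines
    if major > 12:
        return "fixed"                # later than 12.0.0-beta2, where the class is gone
    return "vulnerable" if key < parse_jetty_version(FIXED_IN[major]) else "fixed"


# Matches a Maven coordinate as printed by `mvn dependency:tree`.
_COORD_RE = re.compile(r"org\.eclipse\.jetty:(?P<artifact>[\w.-]+):jar:(?P<version>[^:\s]+):")


def scan_dependency_tree(tree_text):
    """Return [(artifact, version, status)] for every org.eclipse.jetty artifact in the tree."""
    findings = []
    for line in tree_text.splitlines():
        m = _COORD_RE.search(line)
        if not m:
            continue
        try:
            status = classify(m.group("version"))
        except ValueError:
            status = "unparsed"       # e.g. snapshot or vendor-patched version strings
        findings.append((m.group("artifact"), m.group("version"), status))
    return findings


# Constructed sample output, shaped like `mvn dependency:tree`; not taken from the project.
SAMPLE_TREE = """\
[INFO] +- org.eclipse.jetty:jetty-server:jar:9.4.44.v20210927:compile
[INFO] |  \\- org.eclipse.jetty:jetty-http:jar:9.4.44.v20210927:compile
[INFO] +- org.eclipse.jetty:jetty-servlets:jar:9.4.44.v20210927:compile
[INFO] +- org.eclipse.jetty:jetty-util:jar:9.4.52.v20230823:compile
[INFO] \\- junit:junit:jar:4.13.2:test
"""

if __name__ == "__main__":
    for artifact, version, status in scan_dependency_tree(SAMPLE_TREE):
        # Assumption: the CGI class lives in jetty-servlets, so that artifact is the one that matters.
        marker = "  <-- contains org.eclipse.jetty.servlets.CGI (assumed)" if artifact == "jetty-servlets" else ""
        print(f"{artifact:20} {version:20} {status}{marker}")
```

The check is purely version-based: it tells you whether a build predates the fix, not whether the CGI servlet is actually deployed, and a tree that mixes 9.4.44 and 9.4.52 artifacts (as the sample does) is itself a sign that the upgrade was partial.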