View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006645 | SymmetricDS | Improvement | public | 2024-11-11 21:01 | 2024-11-13 20:31 |
| Reporter | pbelov | Assigned To | elong | ||
| Priority | normal | ||||
| Status | closed | Resolution | fixed | ||
| Product Version | 3.15.0 | ||||
| Target Version | 3.15.10 | Fixed in Version | 3.15.10 | ||
| Summary | 0006645: Update jetty server dependency to 11.0.24 | ||||
| Description | Update jetty server dependency to 11.0.24 This fixes [CVE-2024-8184] CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion') Description There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory. | ||||
| Additional Information | https://github.com/jetty/jetty.project/releases/tag/jetty-11.0.24 | ||||
| Tags | security | ||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2024-11-11 21:01 | pbelov | New Issue | |
| 2024-11-11 21:01 | pbelov | Status | new => assigned |
| 2024-11-11 21:01 | pbelov | Assigned To | => elong |
| 2024-11-11 21:01 | pbelov | Tag Attached: security | |
| 2024-11-11 21:01 | pbelov | Project | SymmetricDS Pro => SymmetricDS |
| 2024-11-11 22:00 | admin | Changeset attached | => SymmetricDS 3.15 6fbfba50 |
| 2024-11-13 18:33 | cquamme | Status | assigned => resolved |
| 2024-11-13 18:33 | cquamme | Resolution | open => fixed |
| 2024-11-13 18:33 | cquamme | Fixed in Version | => 3.15.10 |
| 2024-11-13 18:33 | cquamme | Target Version | => 3.15.10 |
| 2024-11-13 20:31 | pbelov | Status | resolved => closed |