View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0006645 | SymmetricDS | Improvement | public | 2024-11-11 21:01 | 2024-11-13 20:31 |
Reporter | pbelov | Assigned To | elong | ||
Priority | normal | ||||
Status | closed | Resolution | fixed | ||
Product Version | 3.15.0 | ||||
Target Version | 3.15.10 | Fixed in Version | 3.15.10 | ||
Summary | 0006645: Update jetty server dependency to 11.0.24 | ||||
Description | Update jetty server dependency to 11.0.24 This fixes [CVE-2024-8184] CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion') Description There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory. | ||||
Additional Information | https://github.com/jetty/jetty.project/releases/tag/jetty-11.0.24 | ||||
Tags | security | ||||
Date Modified | Username | Field | Change |
---|---|---|---|
2024-11-11 21:01 | pbelov | New Issue | |
2024-11-11 21:01 | pbelov | Status | new => assigned |
2024-11-11 21:01 | pbelov | Assigned To | => elong |
2024-11-11 21:01 | pbelov | Tag Attached: security | |
2024-11-11 21:01 | pbelov | Project | SymmetricDS Pro => SymmetricDS |
2024-11-11 22:00 | admin | Changeset attached | => SymmetricDS 3.15 6fbfba50 |
2024-11-13 18:33 | cquamme | Status | assigned => resolved |
2024-11-13 18:33 | cquamme | Resolution | open => fixed |
2024-11-13 18:33 | cquamme | Fixed in Version | => 3.15.10 |
2024-11-13 18:33 | cquamme | Target Version | => 3.15.10 |
2024-11-13 20:31 | pbelov | Status | resolved => closed |