apache/dubbo-go-hessian2

There is a vulnerability in jetty 9.4.16.v20190411 ,upgrade recommended

QiAnXinCodeSafe opened this issue · 1 comments

QiAnXinCodeSafe commented

dubbo-go-hessian2/test_hessian/pom.xml

Lines 40 to 42 in 6f053c6

<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-servlet</artifactId>
<version>9.4.16.v20190411</version>

CVE-2021-28165 CVE-2020-27216 CVE-2020-27223 CVE-2019-10247 CVE-2019-10246

Recommended upgrade version:9.4.39.v20210325

wongoo commented

fixed in 59acf74