Eclipse Jetty DoS Vulnerability (GHSA-8mpp-f3f7-xc28)

Question

Eclipse Jetty DoS Vulnerability (GHSA-8mpp-f3f7-xc28)

Closed this issue 2 years ago · 1 comments

Jetty's version presents a DoS Vulnerability as can be seen here.
I use docker version of prometheus-proxy v.1.14.2 and it uses Jetty:// 9.4.49.v20220914.
Recommendations to fix this problem, update to 10.0.10 or 11.0.10, which are patched versions.
Hope this helps!

Answer 1 · 2022-12-15T05:54:06.000Z

Thanks @gsi-eduardopuig!

I updated the jetty jar to 10.0.13 and released version 1.15.0 of prometheus_proxy with the changes.