Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-72904

After updating the jenkins.war to 2.450 i get vulnerability notifications



      I just updated my jenkins.war from 2.448 to 2.450 and now I get the following warning:

      Warnings have been published for the following currently installed components:Jenkins 2.450 core and librariesHTTP/2 denial of service vulnerability in bundled Jetty (no fix available)No
       fixes for these issues are available. It is recommended that you review
       the security advisory and apply mitigations if possible. 

      As I said, my version currently is 2.450 and when I look into: https://www.jenkins.io/security/advisory/2024-03-20/ it seems, like this problem should only affect previous versions to 2.443.

      Is this actualy a security concern for 2.450 aswell, or is it just a visual notification bug?

      I've attached a screenshot of the message


            Unassigned Unassigned
            fakoelobster Fabian König
            0 Vote for this issue
            2 Start watching this issue