Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-27223 (GCVE-0-2020-27223)
Vulnerability from cvelistv5 – Published: 2021-02-26 21:55 – Updated: 2025-08-20 10:03
VLAI
EPSS
Summary
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.
Severity
5.2 (Medium)
CWE
- CWE-407 - Inefficient Algorithmic Complexity
Assigner
References
67 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| The Eclipse Foundation | Eclipse Jetty |
Affected:
9.4.6.v20170531 , < unspecified
(custom)
Affected: unspecified , ≤ 9.4.36.v20210114 (custom) Affected: 10.0.0 Affected: 11.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:11:36.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7"
},
{
"name": "[karaf-user] 20210301 Re: Jetty security defect",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5612dc69e1f79c421faf9764ffbc92591e2a69ea417c04cba57f49ea%40%3Cuser.karaf.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] dongjinleekr commented on pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd8e24a3e482e5984bc8c5492dc790413e4fdc1234e3debb94515796b%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-dev] 20210302 [jira] [Created] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r35ab810c0f3016b3fd3a3fa9088a2d2781b354a810780ce74d022b6c%40%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] dongjinleekr opened a new pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2c2c7b2971360fb946bbf062c58d7245927dd1ce9150fc9987f65409%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [jira] [Created] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r1b7ed296a865e3f1337a96ee9cd51f6d154d881a30da36020ca72a4b%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[druid-commits] 20210302 [GitHub] [druid] a2l007 opened a new pull request #10937: Upgrade jetty to latest version",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc052fd4e9e9c01bead74c0b5680355ea5dc3b72d46f253cb65d03e43%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] ableegoldman commented on pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rdd6c47321db1bfe12c68a898765bf3b6f97e2afa6a501254ed4feaed%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-dev] 20210302 [jira] [Resolved] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra47a26c008487b0a739a368c846e168de06c3cd118d31ecedafa679a%40%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [jira] [Resolved] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7fbdb7880be1566f943d80fbbeefde2115c086eba1bef3115350a388%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-commits] 20210302 [kafka] branch 2.7 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rff630ce92a4d1bb494fc1a3f9b57a3d60819b436505bcd8c6ccc713c%40%3Ccommits.kafka.apache.org%3E"
},
{
"name": "[kafka-commits] 20210302 [kafka] branch 2.8 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra384892bab8c03a60613a6a9d5e9cae0a2b800fd882792a55520115e%40%3Ccommits.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] omkreddy closed pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r562a0cbc5c8cac4d000a27b2854a8ab1b924aa9dd45f8ffbea98e5ad%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-commits] 20210302 [kafka] branch 2.6 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re819198d4732804dc01fca8b5b144689a118ede49f6128968773595c%40%3Ccommits.kafka.apache.org%3E"
},
{
"name": "[activemq-gitbox] 20210303 [GitHub] [activemq] ehossack-aws opened a new pull request #616: Upgrade to Jetty 9.4.38.v20210224",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r0e25cdf3722a24c53049d37396f0da8502cb4b7cdc481650dc601dbc%40%3Cgitbox.activemq.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r26d9196f4d2afb9bec2784bcb6fc183aca82e4119bf41bdc613eec01%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r857b31ad16c6e76002bc6cca73c83358ed2595477e288286ee82c48d%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210307 [jira] [Updated] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r0b639bd9bfaea265022125d18acd2fc6456044b76609ec74772c9567%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210307 [jira] [Created] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/raa6d60b00b67c0550672b4f506f0df75b323dcd25cf574e91e2f2dff%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb79b62ac3085e05656e41865f5a7efcbdc7dcd7843abed9c5fe0fef8%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf6c2efa3137bc8c22707e550a1f9b80f74bca62b9c8a6f768f2c6b86%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-dev] 20210307 [jira] [Created] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5b7cc6ac733e0b35816751cf45d152ae246a3f40e0b1e62b101c9522%40%3Cdev.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re43768896273c0b5f1a03d7f0a9d370852074489d51825fdc0d77f0f%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210308 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r75ee2a529edb892ac59110cb3f6f91844a932c5034e16c8317f5668d%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210308 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7f4ad5eec0bce2821c308bb23cac53df5c94eb84de1c58de9b95c176%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra40a88a2301a3da86e25b501ff4bc88124f2b816c2917d5f3497f8f0%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on a change in pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re19fa47ec901cc3cf6d7784027198e8113f8bc2dbfd6c9d6d13f5447%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg closed pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r492cff8488a7f6eb96700afb5d137b719ddb80a833e77f971d2691c6%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r0cdab13815fc419805a332278c8d27e354e78560944fc36db0bdc760%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg closed pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r409ee2bae66bfff6aa89e6c74aff535e6248260d3afcb42bfb3b316b%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r8b1963f16d6cb1230ca7ee73b6ec4f5c48f344191dbb1caabd265ee4%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r8dc1b13b80d39fbf4a9d158850e15cd868f0460c2f364f13dca7050b%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on a change in pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/reca91f217f9e1ce607ce6e19a1c0b3db82b5b1b58cf39a84d6434695%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] arshadmohammad commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf77f4c4583669f1133d58cc4f1964367e253818ed8db986bb2732f7c%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210310 [zookeeper] branch branch-3.7 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re03a4dbc15df6f390a2f8c0a071c31c8324dbef007e59fdc2592091a%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210310 [GitHub] [zookeeper] asfgit closed pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r51f8975ef47c12a46fbfd7da9efea7f08e1d307fe1dc3042514659ae%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210310 [jira] [Resolved] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r734f996149bb9b1796740385fcbdf3e093eb9aabedc0f20a48ea1d68%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210310 [zookeeper] branch branch-3.7.0 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r0c6eced465950743f3041b03767a32b2e98d19731bd72277fc7ea428%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210310 [zookeeper] branch master updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r897a6a14d03eab09e89b809d2a650f3765065201da5bc3db9a4dd6e8%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[solr-users] 20210310 Does CVE-2020-27223 impact Solr 8.6.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r07aedcb1ece62969c406cb84c8f0e22cec7e42cdc272f3176e473320%40%3Cusers.solr.apache.org%3E"
},
{
"name": "[nifi-issues] 20210310 [jira] [Created] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r4c92ea39167c0f7b096ae8268db496b5451d69606f0304b7c8a994c7%40%3Cissues.nifi.apache.org%3E"
},
{
"name": "[lucene-dev] 20210310 Does CVE-2020-27223 impact Solr 8.6.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7ffd050d3bd7c90d95f4933560b5f4f15971ab9a5f5322fdce116243%40%3Cdev.lucene.apache.org%3E"
},
{
"name": "[nifi-issues] 20210310 [jira] [Resolved] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r1b803e6ebdac5f670708878fb1b27cd7a0ce9d774a60e797e58cee6f%40%3Cissues.nifi.apache.org%3E"
},
{
"name": "[lucene-dev] 20210310 Re: Does CVE-2020-27223 impact Solr 8.6.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re3bd4f831f9be49871cb6adb997289b5dbcd6fe4bc5cb08223254080%40%3Cdev.lucene.apache.org%3E"
},
{
"name": "[nifi-issues] 20210310 [jira] [Commented] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r463b12b27264c5e1e3c48c8c2cc5d33813d2f0d981102548fb3102fb%40%3Cissues.nifi.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r3ce0e31b25ad4ee8f7c42b62cfdc72d1b586f5d6accd23f5295b6dd1%40%3Cdev.kafka.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re0d38cc2b5da28f708fc89de49036f3ace052c47a1202f7d70291614%40%3Cdev.kafka.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Assigned] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r601f15f3de7ae3a7bbcd780c19155075c56443c2cdc1d193c03b4182%40%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] xkrogen opened a new pull request #31846: [SPARK-34752] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd666e187ebea2fda8624683ab51e2a5ad2108f762d21bf1a383d7502%40%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] AmplabJenkins commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra2f529da674f25a7351543544f7d621b5227c49a0745913b1194d11e%40%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Updated] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r4a456d89a83752a012d88a60ff4b21def6c9f650b9e69ea9fa11c9f9%40%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Commented] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r521a077885ce79c44a799118c878589e81e525cab72d368e5cfb6f61%40%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Created] (SPARK-34752) Upgrade Jetty to 9.3.37 to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r105f4e52feb051faeb9141ef78f909aaf5129d6ed1fc52e099c79463%40%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Updated] (SPARK-34752) Upgrade Jetty to 9.3.37 to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r27ad7843d060762cc942820566eeaa9639f75371afedf8124b943283%40%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Resolved] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc721fe2910533bffb6bd4d69ea8ff4f36066d260dbcd2d14e041614a%40%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] HyukjinKwon commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/reb3c6dc050c7ee18ea154cd94dba85d99aa6b02b84c4bb2138a4abf2%40%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] HyukjinKwon closed pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r1414ab2b3f4bb4c0e736caff6dc8d15f93f6264f0cca5c47710d7bb3%40%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210316 [GitHub] [spark] xkrogen commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2c947376491a20d1cf143bf3c21ed74113e099d806cfe4c490a45ad8%40%3Creviews.spark.apache.org%3E"
},
{
"name": "[solr-issues] 20210407 [jira] [Created] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r068dfd35ce2193f6af28b74ff29ab148c2b2cacb235995576f5bea78%40%3Cissues.solr.apache.org%3E"
},
{
"name": "[solr-issues] 20210507 [jira] [Updated] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r855b24a3bde3674256152edfc53fb8c9000f9b59db3fecbbde33b211%40%3Cissues.solr.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210401-0005/"
},
{
"name": "[solr-issues] 20210623 [jira] [Updated] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf190d1d28e1367d1664ef6bc2f71227566d7b6b39209817a5364da1f%40%3Cissues.solr.apache.org%3E"
},
{
"name": "DSA-4949",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4949"
},
{
"name": "[solr-issues] 20210813 [jira] [Resolved] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r65c714241b9d064a44fec10d60ebf5a37d5ebadd6bf88b0eed13ade0%40%3Cissues.solr.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Eclipse Jetty",
"vendor": "The Eclipse Foundation",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "9.4.6.v20170531",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.4.36.v20210114",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"status": "affected",
"version": "10.0.0"
},
{
"status": "affected",
"version": "11.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of \u201cquality\u201d (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.\u003c/p\u003e"
}
],
"value": "In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of \u201cquality\u201d (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-407",
"description": "CWE-407: Inefficient Algorithmic Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T10:03:37.386Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7"
},
{
"name": "[karaf-user] 20210301 Re: Jetty security defect",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5612dc69e1f79c421faf9764ffbc92591e2a69ea417c04cba57f49ea%40%3Cuser.karaf.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] dongjinleekr commented on pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd8e24a3e482e5984bc8c5492dc790413e4fdc1234e3debb94515796b%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-dev] 20210302 [jira] [Created] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r35ab810c0f3016b3fd3a3fa9088a2d2781b354a810780ce74d022b6c%40%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] dongjinleekr opened a new pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2c2c7b2971360fb946bbf062c58d7245927dd1ce9150fc9987f65409%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [jira] [Created] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r1b7ed296a865e3f1337a96ee9cd51f6d154d881a30da36020ca72a4b%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[druid-commits] 20210302 [GitHub] [druid] a2l007 opened a new pull request #10937: Upgrade jetty to latest version",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc052fd4e9e9c01bead74c0b5680355ea5dc3b72d46f253cb65d03e43%40%3Ccommits.druid.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] ableegoldman commented on pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rdd6c47321db1bfe12c68a898765bf3b6f97e2afa6a501254ed4feaed%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-dev] 20210302 [jira] [Resolved] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra47a26c008487b0a739a368c846e168de06c3cd118d31ecedafa679a%40%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [jira] [Resolved] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r7fbdb7880be1566f943d80fbbeefde2115c086eba1bef3115350a388%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-commits] 20210302 [kafka] branch 2.7 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rff630ce92a4d1bb494fc1a3f9b57a3d60819b436505bcd8c6ccc713c%40%3Ccommits.kafka.apache.org%3E"
},
{
"name": "[kafka-commits] 20210302 [kafka] branch 2.8 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra384892bab8c03a60613a6a9d5e9cae0a2b800fd882792a55520115e%40%3Ccommits.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] omkreddy closed pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r562a0cbc5c8cac4d000a27b2854a8ab1b924aa9dd45f8ffbea98e5ad%40%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-commits] 20210302 [kafka] branch 2.6 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re819198d4732804dc01fca8b5b144689a118ede49f6128968773595c%40%3Ccommits.kafka.apache.org%3E"
},
{
"name": "[activemq-gitbox] 20210303 [GitHub] [activemq] ehossack-aws opened a new pull request #616: Upgrade to Jetty 9.4.38.v20210224",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r0e25cdf3722a24c53049d37396f0da8502cb4b7cdc481650dc601dbc%40%3Cgitbox.activemq.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r26d9196f4d2afb9bec2784bcb6fc183aca82e4119bf41bdc613eec01%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r857b31ad16c6e76002bc6cca73c83358ed2595477e288286ee82c48d%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210307 [jira] [Updated] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r0b639bd9bfaea265022125d18acd2fc6456044b76609ec74772c9567%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210307 [jira] [Created] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/raa6d60b00b67c0550672b4f506f0df75b323dcd25cf574e91e2f2dff%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb79b62ac3085e05656e41865f5a7efcbdc7dcd7843abed9c5fe0fef8%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf6c2efa3137bc8c22707e550a1f9b80f74bca62b9c8a6f768f2c6b86%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-dev] 20210307 [jira] [Created] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5b7cc6ac733e0b35816751cf45d152ae246a3f40e0b1e62b101c9522%40%3Cdev.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re43768896273c0b5f1a03d7f0a9d370852074489d51825fdc0d77f0f%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210308 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r75ee2a529edb892ac59110cb3f6f91844a932c5034e16c8317f5668d%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210308 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r7f4ad5eec0bce2821c308bb23cac53df5c94eb84de1c58de9b95c176%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra40a88a2301a3da86e25b501ff4bc88124f2b816c2917d5f3497f8f0%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on a change in pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re19fa47ec901cc3cf6d7784027198e8113f8bc2dbfd6c9d6d13f5447%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg closed pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r492cff8488a7f6eb96700afb5d137b719ddb80a833e77f971d2691c6%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r0cdab13815fc419805a332278c8d27e354e78560944fc36db0bdc760%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg closed pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r409ee2bae66bfff6aa89e6c74aff535e6248260d3afcb42bfb3b316b%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r8b1963f16d6cb1230ca7ee73b6ec4f5c48f344191dbb1caabd265ee4%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r8dc1b13b80d39fbf4a9d158850e15cd868f0460c2f364f13dca7050b%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on a change in pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/reca91f217f9e1ce607ce6e19a1c0b3db82b5b1b58cf39a84d6434695%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] arshadmohammad commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf77f4c4583669f1133d58cc4f1964367e253818ed8db986bb2732f7c%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210310 [zookeeper] branch branch-3.7 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re03a4dbc15df6f390a2f8c0a071c31c8324dbef007e59fdc2592091a%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210310 [GitHub] [zookeeper] asfgit closed pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r51f8975ef47c12a46fbfd7da9efea7f08e1d307fe1dc3042514659ae%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210310 [jira] [Resolved] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r734f996149bb9b1796740385fcbdf3e093eb9aabedc0f20a48ea1d68%40%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210310 [zookeeper] branch branch-3.7.0 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r0c6eced465950743f3041b03767a32b2e98d19731bd72277fc7ea428%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210310 [zookeeper] branch master updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r897a6a14d03eab09e89b809d2a650f3765065201da5bc3db9a4dd6e8%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[solr-users] 20210310 Does CVE-2020-27223 impact Solr 8.6.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r07aedcb1ece62969c406cb84c8f0e22cec7e42cdc272f3176e473320%40%3Cusers.solr.apache.org%3E"
},
{
"name": "[nifi-issues] 20210310 [jira] [Created] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r4c92ea39167c0f7b096ae8268db496b5451d69606f0304b7c8a994c7%40%3Cissues.nifi.apache.org%3E"
},
{
"name": "[lucene-dev] 20210310 Does CVE-2020-27223 impact Solr 8.6.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r7ffd050d3bd7c90d95f4933560b5f4f15971ab9a5f5322fdce116243%40%3Cdev.lucene.apache.org%3E"
},
{
"name": "[nifi-issues] 20210310 [jira] [Resolved] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r1b803e6ebdac5f670708878fb1b27cd7a0ce9d774a60e797e58cee6f%40%3Cissues.nifi.apache.org%3E"
},
{
"name": "[lucene-dev] 20210310 Re: Does CVE-2020-27223 impact Solr 8.6.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re3bd4f831f9be49871cb6adb997289b5dbcd6fe4bc5cb08223254080%40%3Cdev.lucene.apache.org%3E"
},
{
"name": "[nifi-issues] 20210310 [jira] [Commented] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r463b12b27264c5e1e3c48c8c2cc5d33813d2f0d981102548fb3102fb%40%3Cissues.nifi.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/r3ce0e31b25ad4ee8f7c42b62cfdc72d1b586f5d6accd23f5295b6dd1%40%3Cdev.kafka.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread.html/re0d38cc2b5da28f708fc89de49036f3ace052c47a1202f7d70291614%40%3Cdev.kafka.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Assigned] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r601f15f3de7ae3a7bbcd780c19155075c56443c2cdc1d193c03b4182%40%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] xkrogen opened a new pull request #31846: [SPARK-34752] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd666e187ebea2fda8624683ab51e2a5ad2108f762d21bf1a383d7502%40%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] AmplabJenkins commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra2f529da674f25a7351543544f7d621b5227c49a0745913b1194d11e%40%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Updated] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r4a456d89a83752a012d88a60ff4b21def6c9f650b9e69ea9fa11c9f9%40%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Commented] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r521a077885ce79c44a799118c878589e81e525cab72d368e5cfb6f61%40%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Created] (SPARK-34752) Upgrade Jetty to 9.3.37 to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r105f4e52feb051faeb9141ef78f909aaf5129d6ed1fc52e099c79463%40%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Updated] (SPARK-34752) Upgrade Jetty to 9.3.37 to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r27ad7843d060762cc942820566eeaa9639f75371afedf8124b943283%40%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Resolved] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc721fe2910533bffb6bd4d69ea8ff4f36066d260dbcd2d14e041614a%40%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] HyukjinKwon commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/reb3c6dc050c7ee18ea154cd94dba85d99aa6b02b84c4bb2138a4abf2%40%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] HyukjinKwon closed pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r1414ab2b3f4bb4c0e736caff6dc8d15f93f6264f0cca5c47710d7bb3%40%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210316 [GitHub] [spark] xkrogen commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2c947376491a20d1cf143bf3c21ed74113e099d806cfe4c490a45ad8%40%3Creviews.spark.apache.org%3E"
},
{
"name": "[solr-issues] 20210407 [jira] [Created] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r068dfd35ce2193f6af28b74ff29ab148c2b2cacb235995576f5bea78%40%3Cissues.solr.apache.org%3E"
},
{
"name": "[solr-issues] 20210507 [jira] [Updated] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r855b24a3bde3674256152edfc53fb8c9000f9b59db3fecbbde33b211%40%3Cissues.solr.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210401-0005/"
},
{
"name": "[solr-issues] 20210623 [jira] [Updated] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf190d1d28e1367d1664ef6bc2f71227566d7b6b39209817a5364da1f%40%3Cissues.solr.apache.org%3E"
},
{
"name": "DSA-4949",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4949"
},
{
"name": "[solr-issues] 20210813 [jira] [Resolved] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r65c714241b9d064a44fec10d60ebf5a37d5ebadd6bf88b0eed13ade0%40%3Cissues.solr.apache.org%3E"
},
{
"tags": [
"patch"
],
"url": "https://github.com/jetty/jetty.project/commit/10e531756b972162eed402c44d0244f7f6b85131"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@eclipse.org",
"ID": "CVE-2020-27223",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Eclipse Jetty",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "9.4.6.v20170531"
},
{
"version_affected": "\u003c=",
"version_value": "9.4.36.v20210114"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
}
]
},
"vendor_name": "The Eclipse Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of \u201cquality\u201d (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values."
}
]
},
"impact": {
"cvss": {
"baseScore": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-407: Inefficient Algorithmic Complexity"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128",
"refsource": "CONFIRM",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
},
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7",
"refsource": "CONFIRM",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7"
},
{
"name": "[karaf-user] 20210301 Re: Jetty security defect",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5612dc69e1f79c421faf9764ffbc92591e2a69ea417c04cba57f49ea@%3Cuser.karaf.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] dongjinleekr commented on pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd8e24a3e482e5984bc8c5492dc790413e4fdc1234e3debb94515796b@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-dev] 20210302 [jira] [Created] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r35ab810c0f3016b3fd3a3fa9088a2d2781b354a810780ce74d022b6c@%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] dongjinleekr opened a new pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2c2c7b2971360fb946bbf062c58d7245927dd1ce9150fc9987f65409@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [jira] [Created] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1b7ed296a865e3f1337a96ee9cd51f6d154d881a30da36020ca72a4b@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[druid-commits] 20210302 [GitHub] [druid] a2l007 opened a new pull request #10937: Upgrade jetty to latest version",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc052fd4e9e9c01bead74c0b5680355ea5dc3b72d46f253cb65d03e43@%3Ccommits.druid.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] ableegoldman commented on pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdd6c47321db1bfe12c68a898765bf3b6f97e2afa6a501254ed4feaed@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-dev] 20210302 [jira] [Resolved] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra47a26c008487b0a739a368c846e168de06c3cd118d31ecedafa679a@%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [jira] [Resolved] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7fbdb7880be1566f943d80fbbeefde2115c086eba1bef3115350a388@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-commits] 20210302 [kafka] branch 2.7 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rff630ce92a4d1bb494fc1a3f9b57a3d60819b436505bcd8c6ccc713c@%3Ccommits.kafka.apache.org%3E"
},
{
"name": "[kafka-commits] 20210302 [kafka] branch 2.8 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra384892bab8c03a60613a6a9d5e9cae0a2b800fd882792a55520115e@%3Ccommits.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] omkreddy closed pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r562a0cbc5c8cac4d000a27b2854a8ab1b924aa9dd45f8ffbea98e5ad@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-commits] 20210302 [kafka] branch 2.6 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re819198d4732804dc01fca8b5b144689a118ede49f6128968773595c@%3Ccommits.kafka.apache.org%3E"
},
{
"name": "[activemq-gitbox] 20210303 [GitHub] [activemq] ehossack-aws opened a new pull request #616: Upgrade to Jetty 9.4.38.v20210224",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0e25cdf3722a24c53049d37396f0da8502cb4b7cdc481650dc601dbc@%3Cgitbox.activemq.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r26d9196f4d2afb9bec2784bcb6fc183aca82e4119bf41bdc613eec01@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r857b31ad16c6e76002bc6cca73c83358ed2595477e288286ee82c48d@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210307 [jira] [Updated] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0b639bd9bfaea265022125d18acd2fc6456044b76609ec74772c9567@%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210307 [jira] [Created] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/raa6d60b00b67c0550672b4f506f0df75b323dcd25cf574e91e2f2dff@%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb79b62ac3085e05656e41865f5a7efcbdc7dcd7843abed9c5fe0fef8@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf6c2efa3137bc8c22707e550a1f9b80f74bca62b9c8a6f768f2c6b86@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-dev] 20210307 [jira] [Created] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5b7cc6ac733e0b35816751cf45d152ae246a3f40e0b1e62b101c9522@%3Cdev.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re43768896273c0b5f1a03d7f0a9d370852074489d51825fdc0d77f0f@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210308 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r75ee2a529edb892ac59110cb3f6f91844a932c5034e16c8317f5668d@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210308 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7f4ad5eec0bce2821c308bb23cac53df5c94eb84de1c58de9b95c176@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra40a88a2301a3da86e25b501ff4bc88124f2b816c2917d5f3497f8f0@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on a change in pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re19fa47ec901cc3cf6d7784027198e8113f8bc2dbfd6c9d6d13f5447@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg closed pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r492cff8488a7f6eb96700afb5d137b719ddb80a833e77f971d2691c6@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0cdab13815fc419805a332278c8d27e354e78560944fc36db0bdc760@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg closed pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r409ee2bae66bfff6aa89e6c74aff535e6248260d3afcb42bfb3b316b@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r8b1963f16d6cb1230ca7ee73b6ec4f5c48f344191dbb1caabd265ee4@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r8dc1b13b80d39fbf4a9d158850e15cd868f0460c2f364f13dca7050b@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on a change in pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/reca91f217f9e1ce607ce6e19a1c0b3db82b5b1b58cf39a84d6434695@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] arshadmohammad commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf77f4c4583669f1133d58cc4f1964367e253818ed8db986bb2732f7c@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210310 [zookeeper] branch branch-3.7 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re03a4dbc15df6f390a2f8c0a071c31c8324dbef007e59fdc2592091a@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210310 [GitHub] [zookeeper] asfgit closed pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r51f8975ef47c12a46fbfd7da9efea7f08e1d307fe1dc3042514659ae@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210310 [jira] [Resolved] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r734f996149bb9b1796740385fcbdf3e093eb9aabedc0f20a48ea1d68@%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210310 [zookeeper] branch branch-3.7.0 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0c6eced465950743f3041b03767a32b2e98d19731bd72277fc7ea428@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210310 [zookeeper] branch master updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r897a6a14d03eab09e89b809d2a650f3765065201da5bc3db9a4dd6e8@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[solr-users] 20210310 Does CVE-2020-27223 impact Solr 8.6.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r07aedcb1ece62969c406cb84c8f0e22cec7e42cdc272f3176e473320@%3Cusers.solr.apache.org%3E"
},
{
"name": "[nifi-issues] 20210310 [jira] [Created] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r4c92ea39167c0f7b096ae8268db496b5451d69606f0304b7c8a994c7@%3Cissues.nifi.apache.org%3E"
},
{
"name": "[lucene-dev] 20210310 Does CVE-2020-27223 impact Solr 8.6.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7ffd050d3bd7c90d95f4933560b5f4f15971ab9a5f5322fdce116243@%3Cdev.lucene.apache.org%3E"
},
{
"name": "[nifi-issues] 20210310 [jira] [Resolved] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1b803e6ebdac5f670708878fb1b27cd7a0ce9d774a60e797e58cee6f@%3Cissues.nifi.apache.org%3E"
},
{
"name": "[lucene-dev] 20210310 Re: Does CVE-2020-27223 impact Solr 8.6.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re3bd4f831f9be49871cb6adb997289b5dbcd6fe4bc5cb08223254080@%3Cdev.lucene.apache.org%3E"
},
{
"name": "[nifi-issues] 20210310 [jira] [Commented] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r463b12b27264c5e1e3c48c8c2cc5d33813d2f0d981102548fb3102fb@%3Cissues.nifi.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r3ce0e31b25ad4ee8f7c42b62cfdc72d1b586f5d6accd23f5295b6dd1@%3Cdev.kafka.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r3ce0e31b25ad4ee8f7c42b62cfdc72d1b586f5d6accd23f5295b6dd1@%3Cdev.kafka.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/re0d38cc2b5da28f708fc89de49036f3ace052c47a1202f7d70291614@%3Cdev.kafka.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/re0d38cc2b5da28f708fc89de49036f3ace052c47a1202f7d70291614@%3Cdev.kafka.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Assigned] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r601f15f3de7ae3a7bbcd780c19155075c56443c2cdc1d193c03b4182@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] xkrogen opened a new pull request #31846: [SPARK-34752] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd666e187ebea2fda8624683ab51e2a5ad2108f762d21bf1a383d7502@%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] AmplabJenkins commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra2f529da674f25a7351543544f7d621b5227c49a0745913b1194d11e@%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Updated] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r4a456d89a83752a012d88a60ff4b21def6c9f650b9e69ea9fa11c9f9@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Commented] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r521a077885ce79c44a799118c878589e81e525cab72d368e5cfb6f61@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Created] (SPARK-34752) Upgrade Jetty to 9.3.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r105f4e52feb051faeb9141ef78f909aaf5129d6ed1fc52e099c79463@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Updated] (SPARK-34752) Upgrade Jetty to 9.3.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r27ad7843d060762cc942820566eeaa9639f75371afedf8124b943283@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Resolved] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc721fe2910533bffb6bd4d69ea8ff4f36066d260dbcd2d14e041614a@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] HyukjinKwon commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/reb3c6dc050c7ee18ea154cd94dba85d99aa6b02b84c4bb2138a4abf2@%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] HyukjinKwon closed pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1414ab2b3f4bb4c0e736caff6dc8d15f93f6264f0cca5c47710d7bb3@%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210316 [GitHub] [spark] xkrogen commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2c947376491a20d1cf143bf3c21ed74113e099d806cfe4c490a45ad8@%3Creviews.spark.apache.org%3E"
},
{
"name": "[solr-issues] 20210407 [jira] [Created] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r068dfd35ce2193f6af28b74ff29ab148c2b2cacb235995576f5bea78@%3Cissues.solr.apache.org%3E"
},
{
"name": "[solr-issues] 20210507 [jira] [Updated] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r855b24a3bde3674256152edfc53fb8c9000f9b59db3fecbbde33b211@%3Cissues.solr.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210401-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210401-0005/"
},
{
"name": "[solr-issues] 20210623 [jira] [Updated] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf190d1d28e1367d1664ef6bc2f71227566d7b6b39209817a5364da1f@%3Cissues.solr.apache.org%3E"
},
{
"name": "DSA-4949",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4949"
},
{
"name": "[solr-issues] 20210813 [jira] [Resolved] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r65c714241b9d064a44fec10d60ebf5a37d5ebadd6bf88b0eed13ade0@%3Cissues.solr.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2020-27223",
"datePublished": "2021-02-26T21:55:13.000Z",
"dateReserved": "2020-10-19T00:00:00.000Z",
"dateUpdated": "2025-08-20T10:03:37.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-27223",
"date": "2026-05-30",
"epss": "0.27867",
"percentile": "0.96545"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-27223\",\"sourceIdentifier\":\"emo@eclipse.org\",\"published\":\"2021-02-26T22:15:19.317\",\"lastModified\":\"2025-08-20T10:15:27.843\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of \u201cquality\u201d (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.\"},{\"lang\":\"es\",\"value\":\"En Eclipse Jetty versiones 9.4.6.v20170531 hasta 9.4.36.v20210114 (inclusive), versiones 10.0.0 y 11.0.0, cuando Jetty maneja una petici\u00f3n que contiene m\u00faltiples encabezados Accept con una gran cantidad de par\u00e1metros \u201cquality\u201d (es decir, q), el servidor puede entrar en un estado de denegaci\u00f3n de servicio (DoS) debido al alto uso de CPU procesando esos valores de calidad, resultando en minutos de tiempo de CPU agotados procesando esos valores de calidad\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"emo@eclipse.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":5.2,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.5,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"emo@eclipse.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-407\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.4.7\",\"versionEndExcluding\":\"9.4.36\",\"matchCriteriaId\":\"F30DCAA9-4998-4E2F-9341-8E0F1752CB92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:9.4.6:20170531:*:*:*:*:*:*\",\"matchCriteriaId\":\"16872138-6AF5-418F-998F-1220DA602AE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:9.4.6:20180619:*:*:*:*:*:*\",\"matchCriteriaId\":\"3211336E-0EE6-4676-AEFA-A778176C0ECE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:9.4.36:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"23BC90F3-4107-46B6-8135-42374512EDDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:9.4.36:20210114:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8B77C51-6991-4C6B-9112-AC87B0E9D530\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:10.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"5737CF3E-AA46-45DD-801A-E22ACCDB00CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:11.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"52F4E0D3-9709-4073-9DE0-F36CDD3DB62F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:nifi:1.13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12AA1D39-F2E2-48E7-9D9F-49F5E52F29B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:spark:3.1.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"16A8F28D-5F62-4F99-9292-20E039E0756B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.70.1\",\"matchCriteriaId\":\"FF971916-C526-43A9-BD80-985BCC476569\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*\",\"matchCriteriaId\":\"1AEFF829-A8F2-4041-8DDF-E705DB3ADED2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:element_plug-in_for_vcenter_server:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"214712B6-59AF-4B5E-84BF-AF3C74A390EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A6E548F-62E9-40CB-85DA-FDAA0F0096C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3C19813-E823-456A-B1CE-EC0684CE1953\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86B51137-28D9-41F2-AFA2-3CC22B4954D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F4754FB-E3EB-454A-AB1A-AE3835C5350C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDFB1169-41A0-4A86-8E4F-FDA9730B1E94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*\",\"matchCriteriaId\":\"26A2B713-7D6D-420A-93A4-E0D983C983DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*\",\"matchCriteriaId\":\"64DE38C8-94F1-4860-B045-F33928F676A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:8.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42672AEA-5920-4951-ADCF-5D5AA4AB4A77\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:*\",\"versionEndExcluding\":\"20.4.3.050.1904\",\"matchCriteriaId\":\"D0AFFDC9-8EBA-45A2-AD53-18E663AF4631\"}]}]}],\"references\":[{\"url\":\"https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/jetty/jetty.project/commit/10e531756b972162eed402c44d0244f7f6b85131\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r068dfd35ce2193f6af28b74ff29ab148c2b2cacb235995576f5bea78%40%3Cissues.solr.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r07aedcb1ece62969c406cb84c8f0e22cec7e42cdc272f3176e473320%40%3Cusers.solr.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r0b639bd9bfaea265022125d18acd2fc6456044b76609ec74772c9567%40%3Cissues.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r0c6eced465950743f3041b03767a32b2e98d19731bd72277fc7ea428%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r0cdab13815fc419805a332278c8d27e354e78560944fc36db0bdc760%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r0e25cdf3722a24c53049d37396f0da8502cb4b7cdc481650dc601dbc%40%3Cgitbox.activemq.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r105f4e52feb051faeb9141ef78f909aaf5129d6ed1fc52e099c79463%40%3Cissues.spark.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r1414ab2b3f4bb4c0e736caff6dc8d15f93f6264f0cca5c47710d7bb3%40%3Creviews.spark.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r1b7ed296a865e3f1337a96ee9cd51f6d154d881a30da36020ca72a4b%40%3Cjira.kafka.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r1b803e6ebdac5f670708878fb1b27cd7a0ce9d774a60e797e58cee6f%40%3Cissues.nifi.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r26d9196f4d2afb9bec2784bcb6fc183aca82e4119bf41bdc613eec01%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r27ad7843d060762cc942820566eeaa9639f75371afedf8124b943283%40%3Cissues.spark.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r2c2c7b2971360fb946bbf062c58d7245927dd1ce9150fc9987f65409%40%3Cjira.kafka.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r2c947376491a20d1cf143bf3c21ed74113e099d806cfe4c490a45ad8%40%3Creviews.spark.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r35ab810c0f3016b3fd3a3fa9088a2d2781b354a810780ce74d022b6c%40%3Cdev.kafka.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r3ce0e31b25ad4ee8f7c42b62cfdc72d1b586f5d6accd23f5295b6dd1%40%3Cdev.kafka.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r409ee2bae66bfff6aa89e6c74aff535e6248260d3afcb42bfb3b316b%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r463b12b27264c5e1e3c48c8c2cc5d33813d2f0d981102548fb3102fb%40%3Cissues.nifi.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r492cff8488a7f6eb96700afb5d137b719ddb80a833e77f971d2691c6%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r4a456d89a83752a012d88a60ff4b21def6c9f650b9e69ea9fa11c9f9%40%3Cissues.spark.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r4c92ea39167c0f7b096ae8268db496b5451d69606f0304b7c8a994c7%40%3Cissues.nifi.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r51f8975ef47c12a46fbfd7da9efea7f08e1d307fe1dc3042514659ae%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r521a077885ce79c44a799118c878589e81e525cab72d368e5cfb6f61%40%3Cissues.spark.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r5612dc69e1f79c421faf9764ffbc92591e2a69ea417c04cba57f49ea%40%3Cuser.karaf.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r562a0cbc5c8cac4d000a27b2854a8ab1b924aa9dd45f8ffbea98e5ad%40%3Cjira.kafka.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r5b7cc6ac733e0b35816751cf45d152ae246a3f40e0b1e62b101c9522%40%3Cdev.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r601f15f3de7ae3a7bbcd780c19155075c56443c2cdc1d193c03b4182%40%3Cissues.spark.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r65c714241b9d064a44fec10d60ebf5a37d5ebadd6bf88b0eed13ade0%40%3Cissues.solr.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r734f996149bb9b1796740385fcbdf3e093eb9aabedc0f20a48ea1d68%40%3Cissues.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r75ee2a529edb892ac59110cb3f6f91844a932c5034e16c8317f5668d%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r7f4ad5eec0bce2821c308bb23cac53df5c94eb84de1c58de9b95c176%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r7fbdb7880be1566f943d80fbbeefde2115c086eba1bef3115350a388%40%3Cjira.kafka.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r7ffd050d3bd7c90d95f4933560b5f4f15971ab9a5f5322fdce116243%40%3Cdev.lucene.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r855b24a3bde3674256152edfc53fb8c9000f9b59db3fecbbde33b211%40%3Cissues.solr.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r857b31ad16c6e76002bc6cca73c83358ed2595477e288286ee82c48d%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r897a6a14d03eab09e89b809d2a650f3765065201da5bc3db9a4dd6e8%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r8b1963f16d6cb1230ca7ee73b6ec4f5c48f344191dbb1caabd265ee4%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r8dc1b13b80d39fbf4a9d158850e15cd868f0460c2f364f13dca7050b%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/ra2f529da674f25a7351543544f7d621b5227c49a0745913b1194d11e%40%3Creviews.spark.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/ra384892bab8c03a60613a6a9d5e9cae0a2b800fd882792a55520115e%40%3Ccommits.kafka.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/ra40a88a2301a3da86e25b501ff4bc88124f2b816c2917d5f3497f8f0%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/ra47a26c008487b0a739a368c846e168de06c3cd118d31ecedafa679a%40%3Cdev.kafka.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/raa6d60b00b67c0550672b4f506f0df75b323dcd25cf574e91e2f2dff%40%3Cissues.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/rb79b62ac3085e05656e41865f5a7efcbdc7dcd7843abed9c5fe0fef8%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/rc052fd4e9e9c01bead74c0b5680355ea5dc3b72d46f253cb65d03e43%40%3Ccommits.druid.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/rc721fe2910533bffb6bd4d69ea8ff4f36066d260dbcd2d14e041614a%40%3Cissues.spark.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/rd666e187ebea2fda8624683ab51e2a5ad2108f762d21bf1a383d7502%40%3Creviews.spark.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/rd8e24a3e482e5984bc8c5492dc790413e4fdc1234e3debb94515796b%40%3Cjira.kafka.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/rdd6c47321db1bfe12c68a898765bf3b6f97e2afa6a501254ed4feaed%40%3Cjira.kafka.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/re03a4dbc15df6f390a2f8c0a071c31c8324dbef007e59fdc2592091a%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/re0d38cc2b5da28f708fc89de49036f3ace052c47a1202f7d70291614%40%3Cdev.kafka.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/re19fa47ec901cc3cf6d7784027198e8113f8bc2dbfd6c9d6d13f5447%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/re3bd4f831f9be49871cb6adb997289b5dbcd6fe4bc5cb08223254080%40%3Cdev.lucene.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/re43768896273c0b5f1a03d7f0a9d370852074489d51825fdc0d77f0f%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/re819198d4732804dc01fca8b5b144689a118ede49f6128968773595c%40%3Ccommits.kafka.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/reb3c6dc050c7ee18ea154cd94dba85d99aa6b02b84c4bb2138a4abf2%40%3Creviews.spark.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/reca91f217f9e1ce607ce6e19a1c0b3db82b5b1b58cf39a84d6434695%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/rf190d1d28e1367d1664ef6bc2f71227566d7b6b39209817a5364da1f%40%3Cissues.solr.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/rf6c2efa3137bc8c22707e550a1f9b80f74bca62b9c8a6f768f2c6b86%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/rf77f4c4583669f1133d58cc4f1964367e253818ed8db986bb2732f7c%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/rff630ce92a4d1bb494fc1a3f9b57a3d60819b436505bcd8c6ccc713c%40%3Ccommits.kafka.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20210401-0005/\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4949\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r068dfd35ce2193f6af28b74ff29ab148c2b2cacb235995576f5bea78%40%3Cissues.solr.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r07aedcb1ece62969c406cb84c8f0e22cec7e42cdc272f3176e473320%40%3Cusers.solr.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r0b639bd9bfaea265022125d18acd2fc6456044b76609ec74772c9567%40%3Cissues.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r0c6eced465950743f3041b03767a32b2e98d19731bd72277fc7ea428%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r0cdab13815fc419805a332278c8d27e354e78560944fc36db0bdc760%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r0e25cdf3722a24c53049d37396f0da8502cb4b7cdc481650dc601dbc%40%3Cgitbox.activemq.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r105f4e52feb051faeb9141ef78f909aaf5129d6ed1fc52e099c79463%40%3Cissues.spark.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r1414ab2b3f4bb4c0e736caff6dc8d15f93f6264f0cca5c47710d7bb3%40%3Creviews.spark.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r1b7ed296a865e3f1337a96ee9cd51f6d154d881a30da36020ca72a4b%40%3Cjira.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r1b803e6ebdac5f670708878fb1b27cd7a0ce9d774a60e797e58cee6f%40%3Cissues.nifi.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r26d9196f4d2afb9bec2784bcb6fc183aca82e4119bf41bdc613eec01%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r27ad7843d060762cc942820566eeaa9639f75371afedf8124b943283%40%3Cissues.spark.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r2c2c7b2971360fb946bbf062c58d7245927dd1ce9150fc9987f65409%40%3Cjira.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r2c947376491a20d1cf143bf3c21ed74113e099d806cfe4c490a45ad8%40%3Creviews.spark.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r35ab810c0f3016b3fd3a3fa9088a2d2781b354a810780ce74d022b6c%40%3Cdev.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r3ce0e31b25ad4ee8f7c42b62cfdc72d1b586f5d6accd23f5295b6dd1%40%3Cdev.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r409ee2bae66bfff6aa89e6c74aff535e6248260d3afcb42bfb3b316b%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r463b12b27264c5e1e3c48c8c2cc5d33813d2f0d981102548fb3102fb%40%3Cissues.nifi.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r492cff8488a7f6eb96700afb5d137b719ddb80a833e77f971d2691c6%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r4a456d89a83752a012d88a60ff4b21def6c9f650b9e69ea9fa11c9f9%40%3Cissues.spark.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r4c92ea39167c0f7b096ae8268db496b5451d69606f0304b7c8a994c7%40%3Cissues.nifi.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r51f8975ef47c12a46fbfd7da9efea7f08e1d307fe1dc3042514659ae%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r521a077885ce79c44a799118c878589e81e525cab72d368e5cfb6f61%40%3Cissues.spark.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r5612dc69e1f79c421faf9764ffbc92591e2a69ea417c04cba57f49ea%40%3Cuser.karaf.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r562a0cbc5c8cac4d000a27b2854a8ab1b924aa9dd45f8ffbea98e5ad%40%3Cjira.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r5b7cc6ac733e0b35816751cf45d152ae246a3f40e0b1e62b101c9522%40%3Cdev.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r601f15f3de7ae3a7bbcd780c19155075c56443c2cdc1d193c03b4182%40%3Cissues.spark.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r65c714241b9d064a44fec10d60ebf5a37d5ebadd6bf88b0eed13ade0%40%3Cissues.solr.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r734f996149bb9b1796740385fcbdf3e093eb9aabedc0f20a48ea1d68%40%3Cissues.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r75ee2a529edb892ac59110cb3f6f91844a932c5034e16c8317f5668d%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r7f4ad5eec0bce2821c308bb23cac53df5c94eb84de1c58de9b95c176%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r7fbdb7880be1566f943d80fbbeefde2115c086eba1bef3115350a388%40%3Cjira.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r7ffd050d3bd7c90d95f4933560b5f4f15971ab9a5f5322fdce116243%40%3Cdev.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r855b24a3bde3674256152edfc53fb8c9000f9b59db3fecbbde33b211%40%3Cissues.solr.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r857b31ad16c6e76002bc6cca73c83358ed2595477e288286ee82c48d%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r897a6a14d03eab09e89b809d2a650f3765065201da5bc3db9a4dd6e8%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r8b1963f16d6cb1230ca7ee73b6ec4f5c48f344191dbb1caabd265ee4%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r8dc1b13b80d39fbf4a9d158850e15cd868f0460c2f364f13dca7050b%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/ra2f529da674f25a7351543544f7d621b5227c49a0745913b1194d11e%40%3Creviews.spark.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/ra384892bab8c03a60613a6a9d5e9cae0a2b800fd882792a55520115e%40%3Ccommits.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/ra40a88a2301a3da86e25b501ff4bc88124f2b816c2917d5f3497f8f0%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/ra47a26c008487b0a739a368c846e168de06c3cd118d31ecedafa679a%40%3Cdev.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/raa6d60b00b67c0550672b4f506f0df75b323dcd25cf574e91e2f2dff%40%3Cissues.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rb79b62ac3085e05656e41865f5a7efcbdc7dcd7843abed9c5fe0fef8%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rc052fd4e9e9c01bead74c0b5680355ea5dc3b72d46f253cb65d03e43%40%3Ccommits.druid.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rc721fe2910533bffb6bd4d69ea8ff4f36066d260dbcd2d14e041614a%40%3Cissues.spark.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rd666e187ebea2fda8624683ab51e2a5ad2108f762d21bf1a383d7502%40%3Creviews.spark.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rd8e24a3e482e5984bc8c5492dc790413e4fdc1234e3debb94515796b%40%3Cjira.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rdd6c47321db1bfe12c68a898765bf3b6f97e2afa6a501254ed4feaed%40%3Cjira.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/re03a4dbc15df6f390a2f8c0a071c31c8324dbef007e59fdc2592091a%40%3Ccommits.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/re0d38cc2b5da28f708fc89de49036f3ace052c47a1202f7d70291614%40%3Cdev.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/re19fa47ec901cc3cf6d7784027198e8113f8bc2dbfd6c9d6d13f5447%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/re3bd4f831f9be49871cb6adb997289b5dbcd6fe4bc5cb08223254080%40%3Cdev.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/re43768896273c0b5f1a03d7f0a9d370852074489d51825fdc0d77f0f%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/re819198d4732804dc01fca8b5b144689a118ede49f6128968773595c%40%3Ccommits.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/reb3c6dc050c7ee18ea154cd94dba85d99aa6b02b84c4bb2138a4abf2%40%3Creviews.spark.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/reca91f217f9e1ce607ce6e19a1c0b3db82b5b1b58cf39a84d6434695%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf190d1d28e1367d1664ef6bc2f71227566d7b6b39209817a5364da1f%40%3Cissues.solr.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf6c2efa3137bc8c22707e550a1f9b80f74bca62b9c8a6f768f2c6b86%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf77f4c4583669f1133d58cc4f1964367e253818ed8db986bb2732f7c%40%3Cnotifications.zookeeper.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rff630ce92a4d1bb494fc1a3f9b57a3d60819b436505bcd8c6ccc713c%40%3Ccommits.kafka.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20210401-0005/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4949\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
Title
Уязвимость контейнера сервлетов Eclipse Jetty, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость контейнера сервлетов Eclipse Jetty связана с неконтролируемым расходом ресурсов. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании
Severity
Vendor
Сообщество свободного программного обеспечения, ООО «РусБИТех-Астра», Eclipse Foundation
Software Name
Debian GNU/Linux, Astra Linux Special Edition (запись в едином реестре российских программ №369), Jetty
Software Version
9 (Debian GNU/Linux), 8 (Debian GNU/Linux), 10 (Debian GNU/Linux), 1.7 (Astra Linux Special Edition), до 20.4.3.050.1904 (Jetty), от 11.0.0 до 11.70.1 включительно (Jetty), от 9.4.7 до 9.4.36 (Jetty)
Possible Mitigations
Для Jetty9:
использование рекомендаций производителя: https://lists.apache.org/thread.html/r855b24a3bde3674256152edfc53fb8c9000f9b59db3fecbbde33b211@%3Cissues.solr.apache.org%3E
Для Debian:
использование рекомендаций производителя: https://security-tracker.debian.org/tracker/CVE-2020-27223
Для Astra Linux:
использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17
Reference
https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128
https://lists.apache.org/thread.html/r855b24a3bde3674256152edfc53fb8c9000f9b59db3fecbbde33b211@%3Cissues.solr.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2020-27223
https://security-tracker.debian.org/tracker/CVE-2020-27223
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17
https://www.oracle.com/security-alerts/cpuApr2021.html
CWE
CWE-400
{
"CVSS 2.0": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Eclipse Foundation",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "9 (Debian GNU/Linux), 8 (Debian GNU/Linux), 10 (Debian GNU/Linux), 1.7 (Astra Linux Special Edition), \u0434\u043e 20.4.3.050.1904 (Jetty), \u043e\u0442 11.0.0 \u0434\u043e 11.70.1 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Jetty), \u043e\u0442 9.4.7 \u0434\u043e 9.4.36 (Jetty)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f Jetty9:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://lists.apache.org/thread.html/r855b24a3bde3674256152edfc53fb8c9000f9b59db3fecbbde33b211@%3Cissues.solr.apache.org%3E\n\n\u0414\u043b\u044f Debian:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://security-tracker.debian.org/tracker/CVE-2020-27223\n\n\u0414\u043b\u044f Astra Linux:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "26.02.2021",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "18.01.2022",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "17.01.2022",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-00250",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2020-27223",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Jetty",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0441\u0435\u0440\u0432\u043b\u0435\u0442\u043e\u0432 Eclipse Jetty, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u043c \u0440\u0430\u0441\u0445\u043e\u0434\u043e\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u0439 \u0440\u0430\u0441\u0445\u043e\u0434 \u0440\u0435\u0441\u0443\u0440\u0441\u0430 (\u00ab\u0418\u0441\u0442\u043e\u0449\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u00bb) (CWE-400)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0441\u0435\u0440\u0432\u043b\u0435\u0442\u043e\u0432 Eclipse Jetty \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u043c \u0440\u0430\u0441\u0445\u043e\u0434\u043e\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128\nhttps://lists.apache.org/thread.html/r855b24a3bde3674256152edfc53fb8c9000f9b59db3fecbbde33b211@%3Cissues.solr.apache.org%3E\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-27223\nhttps://security-tracker.debian.org/tracker/CVE-2020-27223\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17\nhttps://www.oracle.com/security-alerts/cpuApr2021.html",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-400",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,3)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,3)"
}
bit-nifi-2020-27223
Vulnerability from bitnami_vulndb
Published
2025-09-12 11:46
Modified
2025-09-12 12:08
Summary
Details
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "nifi",
"purl": "pkg:bitnami/nifi"
},
"ranges": [
{
"events": [
{
"introduced": "1.13.0"
},
{
"last_affected": "1.13.0"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
],
"aliases": [
"CVE-2020-27223"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:apache:nifi:*:*:*:*:*:*:*:*"
],
"severity": "Medium"
},
"details": "In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of \u201cquality\u201d (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.",
"id": "BIT-nifi-2020-27223",
"modified": "2025-09-12T12:08:23.743Z",
"published": "2025-09-12T11:46:41.115Z",
"references": [
{
"type": "WEB",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
},
{
"type": "WEB",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7"
},
{
"type": "WEB",
"url": "https://github.com/jetty/jetty.project/commit/10e531756b972162eed402c44d0244f7f6b85131"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r068dfd35ce2193f6af28b74ff29ab148c2b2cacb235995576f5bea78%40%3Cissues.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r07aedcb1ece62969c406cb84c8f0e22cec7e42cdc272f3176e473320%40%3Cusers.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0b639bd9bfaea265022125d18acd2fc6456044b76609ec74772c9567%40%3Cissues.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0c6eced465950743f3041b03767a32b2e98d19731bd72277fc7ea428%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0cdab13815fc419805a332278c8d27e354e78560944fc36db0bdc760%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0e25cdf3722a24c53049d37396f0da8502cb4b7cdc481650dc601dbc%40%3Cgitbox.activemq.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r105f4e52feb051faeb9141ef78f909aaf5129d6ed1fc52e099c79463%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r1414ab2b3f4bb4c0e736caff6dc8d15f93f6264f0cca5c47710d7bb3%40%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r1b7ed296a865e3f1337a96ee9cd51f6d154d881a30da36020ca72a4b%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r1b803e6ebdac5f670708878fb1b27cd7a0ce9d774a60e797e58cee6f%40%3Cissues.nifi.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r26d9196f4d2afb9bec2784bcb6fc183aca82e4119bf41bdc613eec01%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r27ad7843d060762cc942820566eeaa9639f75371afedf8124b943283%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2c2c7b2971360fb946bbf062c58d7245927dd1ce9150fc9987f65409%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2c947376491a20d1cf143bf3c21ed74113e099d806cfe4c490a45ad8%40%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r35ab810c0f3016b3fd3a3fa9088a2d2781b354a810780ce74d022b6c%40%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r3ce0e31b25ad4ee8f7c42b62cfdc72d1b586f5d6accd23f5295b6dd1%40%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r409ee2bae66bfff6aa89e6c74aff535e6248260d3afcb42bfb3b316b%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r463b12b27264c5e1e3c48c8c2cc5d33813d2f0d981102548fb3102fb%40%3Cissues.nifi.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r492cff8488a7f6eb96700afb5d137b719ddb80a833e77f971d2691c6%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r4a456d89a83752a012d88a60ff4b21def6c9f650b9e69ea9fa11c9f9%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r4c92ea39167c0f7b096ae8268db496b5451d69606f0304b7c8a994c7%40%3Cissues.nifi.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r51f8975ef47c12a46fbfd7da9efea7f08e1d307fe1dc3042514659ae%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r521a077885ce79c44a799118c878589e81e525cab72d368e5cfb6f61%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5612dc69e1f79c421faf9764ffbc92591e2a69ea417c04cba57f49ea%40%3Cuser.karaf.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r562a0cbc5c8cac4d000a27b2854a8ab1b924aa9dd45f8ffbea98e5ad%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5b7cc6ac733e0b35816751cf45d152ae246a3f40e0b1e62b101c9522%40%3Cdev.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r601f15f3de7ae3a7bbcd780c19155075c56443c2cdc1d193c03b4182%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r65c714241b9d064a44fec10d60ebf5a37d5ebadd6bf88b0eed13ade0%40%3Cissues.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r734f996149bb9b1796740385fcbdf3e093eb9aabedc0f20a48ea1d68%40%3Cissues.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r75ee2a529edb892ac59110cb3f6f91844a932c5034e16c8317f5668d%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7f4ad5eec0bce2821c308bb23cac53df5c94eb84de1c58de9b95c176%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7fbdb7880be1566f943d80fbbeefde2115c086eba1bef3115350a388%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7ffd050d3bd7c90d95f4933560b5f4f15971ab9a5f5322fdce116243%40%3Cdev.lucene.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r855b24a3bde3674256152edfc53fb8c9000f9b59db3fecbbde33b211%40%3Cissues.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r857b31ad16c6e76002bc6cca73c83358ed2595477e288286ee82c48d%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r897a6a14d03eab09e89b809d2a650f3765065201da5bc3db9a4dd6e8%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r8b1963f16d6cb1230ca7ee73b6ec4f5c48f344191dbb1caabd265ee4%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r8dc1b13b80d39fbf4a9d158850e15cd868f0460c2f364f13dca7050b%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra2f529da674f25a7351543544f7d621b5227c49a0745913b1194d11e%40%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra384892bab8c03a60613a6a9d5e9cae0a2b800fd882792a55520115e%40%3Ccommits.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra40a88a2301a3da86e25b501ff4bc88124f2b816c2917d5f3497f8f0%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra47a26c008487b0a739a368c846e168de06c3cd118d31ecedafa679a%40%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/raa6d60b00b67c0550672b4f506f0df75b323dcd25cf574e91e2f2dff%40%3Cissues.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rb79b62ac3085e05656e41865f5a7efcbdc7dcd7843abed9c5fe0fef8%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc052fd4e9e9c01bead74c0b5680355ea5dc3b72d46f253cb65d03e43%40%3Ccommits.druid.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc721fe2910533bffb6bd4d69ea8ff4f36066d260dbcd2d14e041614a%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd666e187ebea2fda8624683ab51e2a5ad2108f762d21bf1a383d7502%40%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd8e24a3e482e5984bc8c5492dc790413e4fdc1234e3debb94515796b%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rdd6c47321db1bfe12c68a898765bf3b6f97e2afa6a501254ed4feaed%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re03a4dbc15df6f390a2f8c0a071c31c8324dbef007e59fdc2592091a%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re0d38cc2b5da28f708fc89de49036f3ace052c47a1202f7d70291614%40%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re19fa47ec901cc3cf6d7784027198e8113f8bc2dbfd6c9d6d13f5447%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re3bd4f831f9be49871cb6adb997289b5dbcd6fe4bc5cb08223254080%40%3Cdev.lucene.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re43768896273c0b5f1a03d7f0a9d370852074489d51825fdc0d77f0f%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re819198d4732804dc01fca8b5b144689a118ede49f6128968773595c%40%3Ccommits.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/reb3c6dc050c7ee18ea154cd94dba85d99aa6b02b84c4bb2138a4abf2%40%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/reca91f217f9e1ce607ce6e19a1c0b3db82b5b1b58cf39a84d6434695%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf190d1d28e1367d1664ef6bc2f71227566d7b6b39209817a5364da1f%40%3Cissues.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf6c2efa3137bc8c22707e550a1f9b80f74bca62b9c8a6f768f2c6b86%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf77f4c4583669f1133d58cc4f1964367e253818ed8db986bb2732f7c%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rff630ce92a4d1bb494fc1a3f9b57a3d60819b436505bcd8c6ccc713c%40%3Ccommits.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27223"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210401-0005/"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4949"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
}
],
"schema_version": "1.6.2"
}
bit-solr-2020-27223
Vulnerability from bitnami_vulndb
Published
2024-03-06 11:07
Modified
2025-08-21 06:07
Summary
Details
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "solr",
"purl": "pkg:bitnami/solr"
},
"ranges": [
{
"events": [
{
"introduced": "8.8.1"
},
{
"fixed": "8.8.2"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
],
"aliases": [
"CVE-2020-27223"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:apache:solr:8.8.1:*:*:*:*:*:*:*",
"cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*"
],
"severity": "Medium"
},
"details": "In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of \u201cquality\u201d (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.",
"id": "BIT-solr-2020-27223",
"modified": "2025-08-21T06:07:51.380Z",
"published": "2024-03-06T11:07:09.675Z",
"references": [
{
"type": "WEB",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
},
{
"type": "WEB",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r068dfd35ce2193f6af28b74ff29ab148c2b2cacb235995576f5bea78%40%3Cissues.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r07aedcb1ece62969c406cb84c8f0e22cec7e42cdc272f3176e473320%40%3Cusers.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0b639bd9bfaea265022125d18acd2fc6456044b76609ec74772c9567%40%3Cissues.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0c6eced465950743f3041b03767a32b2e98d19731bd72277fc7ea428%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0cdab13815fc419805a332278c8d27e354e78560944fc36db0bdc760%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0e25cdf3722a24c53049d37396f0da8502cb4b7cdc481650dc601dbc%40%3Cgitbox.activemq.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r105f4e52feb051faeb9141ef78f909aaf5129d6ed1fc52e099c79463%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r1414ab2b3f4bb4c0e736caff6dc8d15f93f6264f0cca5c47710d7bb3%40%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r1b7ed296a865e3f1337a96ee9cd51f6d154d881a30da36020ca72a4b%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r1b803e6ebdac5f670708878fb1b27cd7a0ce9d774a60e797e58cee6f%40%3Cissues.nifi.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r26d9196f4d2afb9bec2784bcb6fc183aca82e4119bf41bdc613eec01%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r27ad7843d060762cc942820566eeaa9639f75371afedf8124b943283%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2c2c7b2971360fb946bbf062c58d7245927dd1ce9150fc9987f65409%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2c947376491a20d1cf143bf3c21ed74113e099d806cfe4c490a45ad8%40%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r35ab810c0f3016b3fd3a3fa9088a2d2781b354a810780ce74d022b6c%40%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r3ce0e31b25ad4ee8f7c42b62cfdc72d1b586f5d6accd23f5295b6dd1%40%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r409ee2bae66bfff6aa89e6c74aff535e6248260d3afcb42bfb3b316b%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r463b12b27264c5e1e3c48c8c2cc5d33813d2f0d981102548fb3102fb%40%3Cissues.nifi.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r492cff8488a7f6eb96700afb5d137b719ddb80a833e77f971d2691c6%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r4a456d89a83752a012d88a60ff4b21def6c9f650b9e69ea9fa11c9f9%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r4c92ea39167c0f7b096ae8268db496b5451d69606f0304b7c8a994c7%40%3Cissues.nifi.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r51f8975ef47c12a46fbfd7da9efea7f08e1d307fe1dc3042514659ae%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r521a077885ce79c44a799118c878589e81e525cab72d368e5cfb6f61%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5612dc69e1f79c421faf9764ffbc92591e2a69ea417c04cba57f49ea%40%3Cuser.karaf.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r562a0cbc5c8cac4d000a27b2854a8ab1b924aa9dd45f8ffbea98e5ad%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5b7cc6ac733e0b35816751cf45d152ae246a3f40e0b1e62b101c9522%40%3Cdev.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r601f15f3de7ae3a7bbcd780c19155075c56443c2cdc1d193c03b4182%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r65c714241b9d064a44fec10d60ebf5a37d5ebadd6bf88b0eed13ade0%40%3Cissues.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r734f996149bb9b1796740385fcbdf3e093eb9aabedc0f20a48ea1d68%40%3Cissues.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r75ee2a529edb892ac59110cb3f6f91844a932c5034e16c8317f5668d%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7f4ad5eec0bce2821c308bb23cac53df5c94eb84de1c58de9b95c176%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7fbdb7880be1566f943d80fbbeefde2115c086eba1bef3115350a388%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7ffd050d3bd7c90d95f4933560b5f4f15971ab9a5f5322fdce116243%40%3Cdev.lucene.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r855b24a3bde3674256152edfc53fb8c9000f9b59db3fecbbde33b211%40%3Cissues.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r857b31ad16c6e76002bc6cca73c83358ed2595477e288286ee82c48d%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r897a6a14d03eab09e89b809d2a650f3765065201da5bc3db9a4dd6e8%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r8b1963f16d6cb1230ca7ee73b6ec4f5c48f344191dbb1caabd265ee4%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r8dc1b13b80d39fbf4a9d158850e15cd868f0460c2f364f13dca7050b%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra2f529da674f25a7351543544f7d621b5227c49a0745913b1194d11e%40%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra384892bab8c03a60613a6a9d5e9cae0a2b800fd882792a55520115e%40%3Ccommits.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra40a88a2301a3da86e25b501ff4bc88124f2b816c2917d5f3497f8f0%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra47a26c008487b0a739a368c846e168de06c3cd118d31ecedafa679a%40%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/raa6d60b00b67c0550672b4f506f0df75b323dcd25cf574e91e2f2dff%40%3Cissues.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rb79b62ac3085e05656e41865f5a7efcbdc7dcd7843abed9c5fe0fef8%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc052fd4e9e9c01bead74c0b5680355ea5dc3b72d46f253cb65d03e43%40%3Ccommits.druid.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc721fe2910533bffb6bd4d69ea8ff4f36066d260dbcd2d14e041614a%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd666e187ebea2fda8624683ab51e2a5ad2108f762d21bf1a383d7502%40%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd8e24a3e482e5984bc8c5492dc790413e4fdc1234e3debb94515796b%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rdd6c47321db1bfe12c68a898765bf3b6f97e2afa6a501254ed4feaed%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re03a4dbc15df6f390a2f8c0a071c31c8324dbef007e59fdc2592091a%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re0d38cc2b5da28f708fc89de49036f3ace052c47a1202f7d70291614%40%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re19fa47ec901cc3cf6d7784027198e8113f8bc2dbfd6c9d6d13f5447%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re3bd4f831f9be49871cb6adb997289b5dbcd6fe4bc5cb08223254080%40%3Cdev.lucene.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re43768896273c0b5f1a03d7f0a9d370852074489d51825fdc0d77f0f%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re819198d4732804dc01fca8b5b144689a118ede49f6128968773595c%40%3Ccommits.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/reb3c6dc050c7ee18ea154cd94dba85d99aa6b02b84c4bb2138a4abf2%40%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/reca91f217f9e1ce607ce6e19a1c0b3db82b5b1b58cf39a84d6434695%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf190d1d28e1367d1664ef6bc2f71227566d7b6b39209817a5364da1f%40%3Cissues.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf6c2efa3137bc8c22707e550a1f9b80f74bca62b9c8a6f768f2c6b86%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf77f4c4583669f1133d58cc4f1964367e253818ed8db986bb2732f7c%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rff630ce92a4d1bb494fc1a3f9b57a3d60819b436505bcd8c6ccc713c%40%3Ccommits.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210401-0005/"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4949"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27223"
},
{
"type": "WEB",
"url": "https://github.com/jetty/jetty.project/commit/10e531756b972162eed402c44d0244f7f6b85131"
}
],
"schema_version": "1.5.0"
}
bit-spark-2020-27223
Vulnerability from bitnami_vulndb
Published
2024-03-06 11:06
Modified
2025-08-21 06:07
Summary
Details
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "spark",
"purl": "pkg:bitnami/spark"
},
"ranges": [
{
"events": [
{
"introduced": "3.1.1"
},
{
"fixed": "3.1.2"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
],
"aliases": [
"CVE-2020-27223"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:apache:spark:3.1.1:-:*:*:*:*:*:*",
"cpe:2.3:a:apache:spark:*:*:*:*:*:*:*:*"
],
"severity": "Medium"
},
"details": "In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of \u201cquality\u201d (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.",
"id": "BIT-spark-2020-27223",
"modified": "2025-08-21T06:07:51.380Z",
"published": "2024-03-06T11:06:09.866Z",
"references": [
{
"type": "WEB",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
},
{
"type": "WEB",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r068dfd35ce2193f6af28b74ff29ab148c2b2cacb235995576f5bea78%40%3Cissues.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r07aedcb1ece62969c406cb84c8f0e22cec7e42cdc272f3176e473320%40%3Cusers.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0b639bd9bfaea265022125d18acd2fc6456044b76609ec74772c9567%40%3Cissues.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0c6eced465950743f3041b03767a32b2e98d19731bd72277fc7ea428%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0cdab13815fc419805a332278c8d27e354e78560944fc36db0bdc760%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0e25cdf3722a24c53049d37396f0da8502cb4b7cdc481650dc601dbc%40%3Cgitbox.activemq.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r105f4e52feb051faeb9141ef78f909aaf5129d6ed1fc52e099c79463%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r1414ab2b3f4bb4c0e736caff6dc8d15f93f6264f0cca5c47710d7bb3%40%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r1b7ed296a865e3f1337a96ee9cd51f6d154d881a30da36020ca72a4b%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r1b803e6ebdac5f670708878fb1b27cd7a0ce9d774a60e797e58cee6f%40%3Cissues.nifi.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r26d9196f4d2afb9bec2784bcb6fc183aca82e4119bf41bdc613eec01%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r27ad7843d060762cc942820566eeaa9639f75371afedf8124b943283%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2c2c7b2971360fb946bbf062c58d7245927dd1ce9150fc9987f65409%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2c947376491a20d1cf143bf3c21ed74113e099d806cfe4c490a45ad8%40%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r35ab810c0f3016b3fd3a3fa9088a2d2781b354a810780ce74d022b6c%40%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r3ce0e31b25ad4ee8f7c42b62cfdc72d1b586f5d6accd23f5295b6dd1%40%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r409ee2bae66bfff6aa89e6c74aff535e6248260d3afcb42bfb3b316b%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r463b12b27264c5e1e3c48c8c2cc5d33813d2f0d981102548fb3102fb%40%3Cissues.nifi.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r492cff8488a7f6eb96700afb5d137b719ddb80a833e77f971d2691c6%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r4a456d89a83752a012d88a60ff4b21def6c9f650b9e69ea9fa11c9f9%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r4c92ea39167c0f7b096ae8268db496b5451d69606f0304b7c8a994c7%40%3Cissues.nifi.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r51f8975ef47c12a46fbfd7da9efea7f08e1d307fe1dc3042514659ae%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r521a077885ce79c44a799118c878589e81e525cab72d368e5cfb6f61%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5612dc69e1f79c421faf9764ffbc92591e2a69ea417c04cba57f49ea%40%3Cuser.karaf.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r562a0cbc5c8cac4d000a27b2854a8ab1b924aa9dd45f8ffbea98e5ad%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5b7cc6ac733e0b35816751cf45d152ae246a3f40e0b1e62b101c9522%40%3Cdev.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r601f15f3de7ae3a7bbcd780c19155075c56443c2cdc1d193c03b4182%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r65c714241b9d064a44fec10d60ebf5a37d5ebadd6bf88b0eed13ade0%40%3Cissues.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r734f996149bb9b1796740385fcbdf3e093eb9aabedc0f20a48ea1d68%40%3Cissues.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r75ee2a529edb892ac59110cb3f6f91844a932c5034e16c8317f5668d%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7f4ad5eec0bce2821c308bb23cac53df5c94eb84de1c58de9b95c176%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7fbdb7880be1566f943d80fbbeefde2115c086eba1bef3115350a388%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7ffd050d3bd7c90d95f4933560b5f4f15971ab9a5f5322fdce116243%40%3Cdev.lucene.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r855b24a3bde3674256152edfc53fb8c9000f9b59db3fecbbde33b211%40%3Cissues.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r857b31ad16c6e76002bc6cca73c83358ed2595477e288286ee82c48d%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r897a6a14d03eab09e89b809d2a650f3765065201da5bc3db9a4dd6e8%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r8b1963f16d6cb1230ca7ee73b6ec4f5c48f344191dbb1caabd265ee4%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r8dc1b13b80d39fbf4a9d158850e15cd868f0460c2f364f13dca7050b%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra2f529da674f25a7351543544f7d621b5227c49a0745913b1194d11e%40%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra384892bab8c03a60613a6a9d5e9cae0a2b800fd882792a55520115e%40%3Ccommits.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra40a88a2301a3da86e25b501ff4bc88124f2b816c2917d5f3497f8f0%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra47a26c008487b0a739a368c846e168de06c3cd118d31ecedafa679a%40%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/raa6d60b00b67c0550672b4f506f0df75b323dcd25cf574e91e2f2dff%40%3Cissues.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rb79b62ac3085e05656e41865f5a7efcbdc7dcd7843abed9c5fe0fef8%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc052fd4e9e9c01bead74c0b5680355ea5dc3b72d46f253cb65d03e43%40%3Ccommits.druid.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc721fe2910533bffb6bd4d69ea8ff4f36066d260dbcd2d14e041614a%40%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd666e187ebea2fda8624683ab51e2a5ad2108f762d21bf1a383d7502%40%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd8e24a3e482e5984bc8c5492dc790413e4fdc1234e3debb94515796b%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rdd6c47321db1bfe12c68a898765bf3b6f97e2afa6a501254ed4feaed%40%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re03a4dbc15df6f390a2f8c0a071c31c8324dbef007e59fdc2592091a%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re0d38cc2b5da28f708fc89de49036f3ace052c47a1202f7d70291614%40%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re19fa47ec901cc3cf6d7784027198e8113f8bc2dbfd6c9d6d13f5447%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re3bd4f831f9be49871cb6adb997289b5dbcd6fe4bc5cb08223254080%40%3Cdev.lucene.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re43768896273c0b5f1a03d7f0a9d370852074489d51825fdc0d77f0f%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re819198d4732804dc01fca8b5b144689a118ede49f6128968773595c%40%3Ccommits.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/reb3c6dc050c7ee18ea154cd94dba85d99aa6b02b84c4bb2138a4abf2%40%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/reca91f217f9e1ce607ce6e19a1c0b3db82b5b1b58cf39a84d6434695%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf190d1d28e1367d1664ef6bc2f71227566d7b6b39209817a5364da1f%40%3Cissues.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf6c2efa3137bc8c22707e550a1f9b80f74bca62b9c8a6f768f2c6b86%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf77f4c4583669f1133d58cc4f1964367e253818ed8db986bb2732f7c%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rff630ce92a4d1bb494fc1a3f9b57a3d60819b436505bcd8c6ccc713c%40%3Ccommits.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210401-0005/"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4949"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27223"
},
{
"type": "WEB",
"url": "https://github.com/jetty/jetty.project/commit/10e531756b972162eed402c44d0244f7f6b85131"
}
],
"schema_version": "1.5.0"
}
CERTFR-2021-AVI-951
Vulnerability from certfr_avis - Published: 2021-12-15 - Updated: 2021-12-15
De multiples vulnérabilités ont été découvertes dans le noyau Linux de RedHat. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - AUS 8.4 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - TUS 8.4 x86_64 | ||
| Red Hat | N/A | Red Hat JBoss Middleware Text-Only Advisories for MIDDLEWARE 1 x86_64 | ||
| SolarWinds | Platform | Red Hat OpenShift Container Platform for Power 4.8 for RHEL 8 ppc64le | ||
| Red Hat | N/A | Red Hat Integration Text-Only Advisories x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64 | ||
| Red Hat | N/A | Red Hat Openshift Application Runtimes Text-Only Advisories x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64 | ||
| Red Hat | N/A | Red Hat Integration - Camel K 1 x86_64 | ||
| SolarWinds | Platform | Red Hat OpenShift Container Platform 4.8 for RHEL 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le | ||
| Red Hat | N/A | Red Hat Fuse 1 x86_64 | ||
| SolarWinds | Platform | Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.8 for RHEL 8 s390x | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4 x86_64 | ||
| Red Hat | N/A | Red Hat JBoss Data Grid Text-Only Advisories x86_64 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Red Hat Enterprise Linux Server - AUS 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - TUS 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat JBoss Middleware Text-Only Advisories for MIDDLEWARE 1 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat OpenShift Container Platform for Power 4.8 for RHEL 8 ppc64le",
"product": {
"name": "Platform",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "Red Hat Integration Text-Only Advisories x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Openshift Application Runtimes Text-Only Advisories x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Integration - Camel K 1 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat OpenShift Container Platform 4.8 for RHEL 8 x86_64",
"product": {
"name": "Platform",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Fuse 1 x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.8 for RHEL 8 s390x",
"product": {
"name": "Platform",
"vendor": {
"name": "SolarWinds",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat JBoss Data Grid Text-Only Advisories x86_64",
"product": {
"name": "N/A",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-27223",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27223"
},
{
"name": "CVE-2020-27218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27218"
},
{
"name": "CVE-2021-21343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21343"
},
{
"name": "CVE-2021-29425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
},
{
"name": "CVE-2021-21409",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21409"
},
{
"name": "CVE-2021-22118",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22118"
},
{
"name": "CVE-2020-2875",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2875"
},
{
"name": "CVE-2021-3536",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3536"
},
{
"name": "CVE-2021-28169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28169"
},
{
"name": "CVE-2021-21348",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21348"
},
{
"name": "CVE-2020-11988",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11988"
},
{
"name": "CVE-2020-35510",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35510"
},
{
"name": "CVE-2021-45606",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45606"
},
{
"name": "CVE-2020-2934",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2934"
},
{
"name": "CVE-2021-21344",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21344"
},
{
"name": "CVE-2020-26259",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26259"
},
{
"name": "CVE-2021-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3597"
},
{
"name": "CVE-2021-28170",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28170"
},
{
"name": "CVE-2021-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21341"
},
{
"name": "CVE-2020-13949",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13949"
},
{
"name": "CVE-2021-4104",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4104"
},
{
"name": "CVE-2021-3690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3690"
},
{
"name": "CVE-2020-17521",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17521"
},
{
"name": "CVE-2021-22696",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22696"
},
{
"name": "CVE-2021-28163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28163"
},
{
"name": "CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"name": "CVE-2020-9488",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9488"
},
{
"name": "CVE-2021-21347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21347"
},
{
"name": "CVE-2021-27568",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27568"
},
{
"name": "CVE-2020-26217",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26217"
},
{
"name": "CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"name": "CVE-2021-23926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23926"
},
{
"name": "CVE-2019-10744",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10744"
},
{
"name": "CVE-2021-21295",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21295"
},
{
"name": "CVE-2021-21346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21346"
},
{
"name": "CVE-2021-30468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30468"
},
{
"name": "CVE-2021-21351",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21351"
},
{
"name": "CVE-2021-21345",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21345"
},
{
"name": "CVE-2020-28491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28491"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2021-37714",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37714"
},
{
"name": "CVE-2019-12415",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12415"
},
{
"name": "CVE-2021-20218",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20218"
},
{
"name": "CVE-2020-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27782"
},
{
"name": "CVE-2021-30129",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30129"
},
{
"name": "CVE-2020-17527",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17527"
},
{
"name": "CVE-2021-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21349"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2020-13943",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13943"
},
{
"name": "CVE-2020-15522",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15522"
},
{
"name": "CVE-2021-28164",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28164"
},
{
"name": "CVE-2020-11987",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11987"
},
{
"name": "CVE-2021-21290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21290"
},
{
"name": "CVE-2021-21342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21342"
},
{
"name": "CVE-2021-3629",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3629"
},
{
"name": "CVE-2021-21350",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21350"
},
{
"name": "CVE-2021-34428",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34428"
}
],
"initial_release_date": "2021-12-15T00:00:00",
"last_revision_date": "2021-12-15T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5101 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHBA-2021:5101"
}
],
"reference": "CERTFR-2021-AVI-951",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-12-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nRedHat. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service et une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de RedHat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5130 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5130"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHBA-2021:5114 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHBA-2021:5114"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5138 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5138"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5132 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5132"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5126 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5126"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5134 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5134"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5133 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5133"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5108 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5108"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2021:5093 du 14 d\u00e9cembre 2021",
"url": "https://access.redhat.com/errata/RHSA-2021:5093"
}
]
}
CERTFR-2023-AVI-0357
Vulnerability from certfr_avis - Published: 2023-05-05 - Updated: 2023-05-05
De multiples vulnérabilités ont été découvertes dans IBM Cognos. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Cognos Command Center version 10.2.4.1 sans le correctif de s\u00e9curit\u00e9 IF17",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-27223",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27223"
},
{
"name": "CVE-2020-27218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27218"
},
{
"name": "CVE-2021-29425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
},
{
"name": "CVE-2021-28169",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28169"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2022-420004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-420004"
},
{
"name": "CVE-2022-31160",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31160"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2022-2048",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2048"
},
{
"name": "CVE-2021-28165",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28165"
},
{
"name": "CVE-2021-37533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37533"
},
{
"name": "CVE-2017-7658",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7658"
},
{
"name": "CVE-2022-2047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2047"
},
{
"name": "CVE-2022-42889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42889"
},
{
"name": "CVE-2018-12545",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12545"
},
{
"name": "CVE-2022-21449",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21449"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2017-7657",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7657"
},
{
"name": "CVE-2018-12536",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12536"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2022-2191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2191"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2022-38707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38707"
},
{
"name": "CVE-2019-10241",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10241"
},
{
"name": "CVE-2019-10247",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10247"
},
{
"name": "CVE-2017-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7656"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"name": "CVE-2021-34428",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34428"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
}
],
"initial_release_date": "2023-05-05T00:00:00",
"last_revision_date": "2023-05-05T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0357",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-05-05T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM Cognos.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM Cognos",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6988263 du 04 mai 2023",
"url": "https://www.ibm.com/support/pages/node/6988263"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6983274 du 04 mai 2023",
"url": "https://www.ibm.com/support/pages/node/6983274"
}
]
}
FKIE_CVE-2020-27223
Vulnerability from fkie_nvd - Published: 2021-02-26 22:15 - Updated: 2025-08-20 10:15
Severity
5.2 (Medium) - CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eclipse | jetty | * | |
| eclipse | jetty | 9.4.6 | |
| eclipse | jetty | 9.4.6 | |
| eclipse | jetty | 9.4.36 | |
| eclipse | jetty | 9.4.36 | |
| eclipse | jetty | 10.0.0 | |
| eclipse | jetty | 11.0.0 | |
| apache | nifi | 1.13.0 | |
| apache | spark | 3.1.1 | |
| netapp | e-series_santricity_os_controller | * | |
| netapp | e-series_santricity_web_services | - | |
| netapp | element_plug-in_for_vcenter_server | - | |
| netapp | hci | - | |
| netapp | hci_management_node | - | |
| netapp | management_services_for_element_software | - | |
| netapp | snap_creator_framework | - | |
| netapp | snapcenter | - | |
| netapp | snapmanager | - | |
| netapp | snapmanager | - | |
| netapp | solidfire | - | |
| debian | debian_linux | 10.0 | |
| apache | solr | 8.8.1 | |
| oracle | rest_data_services | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F30DCAA9-4998-4E2F-9341-8E0F1752CB92",
"versionEndExcluding": "9.4.36",
"versionStartIncluding": "9.4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.6:20170531:*:*:*:*:*:*",
"matchCriteriaId": "16872138-6AF5-418F-998F-1220DA602AE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.6:20180619:*:*:*:*:*:*",
"matchCriteriaId": "3211336E-0EE6-4676-AEFA-A778176C0ECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.36:-:*:*:*:*:*:*",
"matchCriteriaId": "23BC90F3-4107-46B6-8135-42374512EDDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:9.4.36:20210114:*:*:*:*:*:*",
"matchCriteriaId": "F8B77C51-6991-4C6B-9112-AC87B0E9D530",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:10.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5737CF3E-AA46-45DD-801A-E22ACCDB00CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:11.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "52F4E0D3-9709-4073-9DE0-F36CDD3DB62F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:nifi:1.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12AA1D39-F2E2-48E7-9D9F-49F5E52F29B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:spark:3.1.1:-:*:*:*:*:*:*",
"matchCriteriaId": "16A8F28D-5F62-4F99-9292-20E039E0756B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF971916-C526-43A9-BD80-985BCC476569",
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*",
"matchCriteriaId": "1AEFF829-A8F2-4041-8DDF-E705DB3ADED2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_plug-in_for_vcenter_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "214712B6-59AF-4B5E-84BF-AF3C74A390EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A6E548F-62E9-40CB-85DA-FDAA0F0096C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C19813-E823-456A-B1CE-EC0684CE1953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86B51137-28D9-41F2-AFA2-3CC22B4954D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F4754FB-E3EB-454A-AB1A-AE3835C5350C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"matchCriteriaId": "64DE38C8-94F1-4860-B045-F33928F676A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:solr:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42672AEA-5920-4951-ADCF-5D5AA4AB4A77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:*",
"matchCriteriaId": "D0AFFDC9-8EBA-45A2-AD53-18E663AF4631",
"versionEndExcluding": "20.4.3.050.1904",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of \u201cquality\u201d (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values."
},
{
"lang": "es",
"value": "En Eclipse Jetty versiones 9.4.6.v20170531 hasta 9.4.36.v20210114 (inclusive), versiones 10.0.0 y 11.0.0, cuando Jetty maneja una petici\u00f3n que contiene m\u00faltiples encabezados Accept con una gran cantidad de par\u00e1metros \u201cquality\u201d (es decir, q), el servidor puede entrar en un estado de denegaci\u00f3n de servicio (DoS) debido al alto uso de CPU procesando esos valores de calidad, resultando en minutos de tiempo de CPU agotados procesando esos valores de calidad"
}
],
"id": "CVE-2020-27223",
"lastModified": "2025-08-20T10:15:27.843",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 3.6,
"source": "emo@eclipse.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-26T22:15:19.317",
"references": [
{
"source": "emo@eclipse.org",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
},
{
"source": "emo@eclipse.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7"
},
{
"source": "emo@eclipse.org",
"url": "https://github.com/jetty/jetty.project/commit/10e531756b972162eed402c44d0244f7f6b85131"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r068dfd35ce2193f6af28b74ff29ab148c2b2cacb235995576f5bea78%40%3Cissues.solr.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r07aedcb1ece62969c406cb84c8f0e22cec7e42cdc272f3176e473320%40%3Cusers.solr.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r0b639bd9bfaea265022125d18acd2fc6456044b76609ec74772c9567%40%3Cissues.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r0c6eced465950743f3041b03767a32b2e98d19731bd72277fc7ea428%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r0cdab13815fc419805a332278c8d27e354e78560944fc36db0bdc760%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r0e25cdf3722a24c53049d37396f0da8502cb4b7cdc481650dc601dbc%40%3Cgitbox.activemq.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r105f4e52feb051faeb9141ef78f909aaf5129d6ed1fc52e099c79463%40%3Cissues.spark.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r1414ab2b3f4bb4c0e736caff6dc8d15f93f6264f0cca5c47710d7bb3%40%3Creviews.spark.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r1b7ed296a865e3f1337a96ee9cd51f6d154d881a30da36020ca72a4b%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r1b803e6ebdac5f670708878fb1b27cd7a0ce9d774a60e797e58cee6f%40%3Cissues.nifi.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r26d9196f4d2afb9bec2784bcb6fc183aca82e4119bf41bdc613eec01%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r27ad7843d060762cc942820566eeaa9639f75371afedf8124b943283%40%3Cissues.spark.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r2c2c7b2971360fb946bbf062c58d7245927dd1ce9150fc9987f65409%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r2c947376491a20d1cf143bf3c21ed74113e099d806cfe4c490a45ad8%40%3Creviews.spark.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r35ab810c0f3016b3fd3a3fa9088a2d2781b354a810780ce74d022b6c%40%3Cdev.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r3ce0e31b25ad4ee8f7c42b62cfdc72d1b586f5d6accd23f5295b6dd1%40%3Cdev.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r409ee2bae66bfff6aa89e6c74aff535e6248260d3afcb42bfb3b316b%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r463b12b27264c5e1e3c48c8c2cc5d33813d2f0d981102548fb3102fb%40%3Cissues.nifi.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r492cff8488a7f6eb96700afb5d137b719ddb80a833e77f971d2691c6%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r4a456d89a83752a012d88a60ff4b21def6c9f650b9e69ea9fa11c9f9%40%3Cissues.spark.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r4c92ea39167c0f7b096ae8268db496b5451d69606f0304b7c8a994c7%40%3Cissues.nifi.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r51f8975ef47c12a46fbfd7da9efea7f08e1d307fe1dc3042514659ae%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r521a077885ce79c44a799118c878589e81e525cab72d368e5cfb6f61%40%3Cissues.spark.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r5612dc69e1f79c421faf9764ffbc92591e2a69ea417c04cba57f49ea%40%3Cuser.karaf.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r562a0cbc5c8cac4d000a27b2854a8ab1b924aa9dd45f8ffbea98e5ad%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r5b7cc6ac733e0b35816751cf45d152ae246a3f40e0b1e62b101c9522%40%3Cdev.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r601f15f3de7ae3a7bbcd780c19155075c56443c2cdc1d193c03b4182%40%3Cissues.spark.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r65c714241b9d064a44fec10d60ebf5a37d5ebadd6bf88b0eed13ade0%40%3Cissues.solr.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r734f996149bb9b1796740385fcbdf3e093eb9aabedc0f20a48ea1d68%40%3Cissues.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r75ee2a529edb892ac59110cb3f6f91844a932c5034e16c8317f5668d%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r7f4ad5eec0bce2821c308bb23cac53df5c94eb84de1c58de9b95c176%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r7fbdb7880be1566f943d80fbbeefde2115c086eba1bef3115350a388%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r7ffd050d3bd7c90d95f4933560b5f4f15971ab9a5f5322fdce116243%40%3Cdev.lucene.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r855b24a3bde3674256152edfc53fb8c9000f9b59db3fecbbde33b211%40%3Cissues.solr.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r857b31ad16c6e76002bc6cca73c83358ed2595477e288286ee82c48d%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r897a6a14d03eab09e89b809d2a650f3765065201da5bc3db9a4dd6e8%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r8b1963f16d6cb1230ca7ee73b6ec4f5c48f344191dbb1caabd265ee4%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/r8dc1b13b80d39fbf4a9d158850e15cd868f0460c2f364f13dca7050b%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/ra2f529da674f25a7351543544f7d621b5227c49a0745913b1194d11e%40%3Creviews.spark.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/ra384892bab8c03a60613a6a9d5e9cae0a2b800fd882792a55520115e%40%3Ccommits.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/ra40a88a2301a3da86e25b501ff4bc88124f2b816c2917d5f3497f8f0%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/ra47a26c008487b0a739a368c846e168de06c3cd118d31ecedafa679a%40%3Cdev.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/raa6d60b00b67c0550672b4f506f0df75b323dcd25cf574e91e2f2dff%40%3Cissues.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/rb79b62ac3085e05656e41865f5a7efcbdc7dcd7843abed9c5fe0fef8%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/rc052fd4e9e9c01bead74c0b5680355ea5dc3b72d46f253cb65d03e43%40%3Ccommits.druid.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/rc721fe2910533bffb6bd4d69ea8ff4f36066d260dbcd2d14e041614a%40%3Cissues.spark.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/rd666e187ebea2fda8624683ab51e2a5ad2108f762d21bf1a383d7502%40%3Creviews.spark.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/rd8e24a3e482e5984bc8c5492dc790413e4fdc1234e3debb94515796b%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/rdd6c47321db1bfe12c68a898765bf3b6f97e2afa6a501254ed4feaed%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/re03a4dbc15df6f390a2f8c0a071c31c8324dbef007e59fdc2592091a%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/re0d38cc2b5da28f708fc89de49036f3ace052c47a1202f7d70291614%40%3Cdev.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/re19fa47ec901cc3cf6d7784027198e8113f8bc2dbfd6c9d6d13f5447%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/re3bd4f831f9be49871cb6adb997289b5dbcd6fe4bc5cb08223254080%40%3Cdev.lucene.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/re43768896273c0b5f1a03d7f0a9d370852074489d51825fdc0d77f0f%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/re819198d4732804dc01fca8b5b144689a118ede49f6128968773595c%40%3Ccommits.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/reb3c6dc050c7ee18ea154cd94dba85d99aa6b02b84c4bb2138a4abf2%40%3Creviews.spark.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/reca91f217f9e1ce607ce6e19a1c0b3db82b5b1b58cf39a84d6434695%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/rf190d1d28e1367d1664ef6bc2f71227566d7b6b39209817a5364da1f%40%3Cissues.solr.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/rf6c2efa3137bc8c22707e550a1f9b80f74bca62b9c8a6f768f2c6b86%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/rf77f4c4583669f1133d58cc4f1964367e253818ed8db986bb2732f7c%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"url": "https://lists.apache.org/thread.html/rff630ce92a4d1bb494fc1a3f9b57a3d60819b436505bcd8c6ccc713c%40%3Ccommits.kafka.apache.org%3E"
},
{
"source": "emo@eclipse.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210401-0005/"
},
{
"source": "emo@eclipse.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4949"
},
{
"source": "emo@eclipse.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r068dfd35ce2193f6af28b74ff29ab148c2b2cacb235995576f5bea78%40%3Cissues.solr.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r07aedcb1ece62969c406cb84c8f0e22cec7e42cdc272f3176e473320%40%3Cusers.solr.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r0b639bd9bfaea265022125d18acd2fc6456044b76609ec74772c9567%40%3Cissues.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r0c6eced465950743f3041b03767a32b2e98d19731bd72277fc7ea428%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r0cdab13815fc419805a332278c8d27e354e78560944fc36db0bdc760%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r0e25cdf3722a24c53049d37396f0da8502cb4b7cdc481650dc601dbc%40%3Cgitbox.activemq.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r105f4e52feb051faeb9141ef78f909aaf5129d6ed1fc52e099c79463%40%3Cissues.spark.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r1414ab2b3f4bb4c0e736caff6dc8d15f93f6264f0cca5c47710d7bb3%40%3Creviews.spark.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r1b7ed296a865e3f1337a96ee9cd51f6d154d881a30da36020ca72a4b%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r1b803e6ebdac5f670708878fb1b27cd7a0ce9d774a60e797e58cee6f%40%3Cissues.nifi.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r26d9196f4d2afb9bec2784bcb6fc183aca82e4119bf41bdc613eec01%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r27ad7843d060762cc942820566eeaa9639f75371afedf8124b943283%40%3Cissues.spark.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r2c2c7b2971360fb946bbf062c58d7245927dd1ce9150fc9987f65409%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r2c947376491a20d1cf143bf3c21ed74113e099d806cfe4c490a45ad8%40%3Creviews.spark.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r35ab810c0f3016b3fd3a3fa9088a2d2781b354a810780ce74d022b6c%40%3Cdev.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r3ce0e31b25ad4ee8f7c42b62cfdc72d1b586f5d6accd23f5295b6dd1%40%3Cdev.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r409ee2bae66bfff6aa89e6c74aff535e6248260d3afcb42bfb3b316b%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r463b12b27264c5e1e3c48c8c2cc5d33813d2f0d981102548fb3102fb%40%3Cissues.nifi.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r492cff8488a7f6eb96700afb5d137b719ddb80a833e77f971d2691c6%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r4a456d89a83752a012d88a60ff4b21def6c9f650b9e69ea9fa11c9f9%40%3Cissues.spark.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r4c92ea39167c0f7b096ae8268db496b5451d69606f0304b7c8a994c7%40%3Cissues.nifi.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r51f8975ef47c12a46fbfd7da9efea7f08e1d307fe1dc3042514659ae%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r521a077885ce79c44a799118c878589e81e525cab72d368e5cfb6f61%40%3Cissues.spark.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r5612dc69e1f79c421faf9764ffbc92591e2a69ea417c04cba57f49ea%40%3Cuser.karaf.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r562a0cbc5c8cac4d000a27b2854a8ab1b924aa9dd45f8ffbea98e5ad%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r5b7cc6ac733e0b35816751cf45d152ae246a3f40e0b1e62b101c9522%40%3Cdev.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r601f15f3de7ae3a7bbcd780c19155075c56443c2cdc1d193c03b4182%40%3Cissues.spark.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r65c714241b9d064a44fec10d60ebf5a37d5ebadd6bf88b0eed13ade0%40%3Cissues.solr.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r734f996149bb9b1796740385fcbdf3e093eb9aabedc0f20a48ea1d68%40%3Cissues.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r75ee2a529edb892ac59110cb3f6f91844a932c5034e16c8317f5668d%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r7f4ad5eec0bce2821c308bb23cac53df5c94eb84de1c58de9b95c176%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r7fbdb7880be1566f943d80fbbeefde2115c086eba1bef3115350a388%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r7ffd050d3bd7c90d95f4933560b5f4f15971ab9a5f5322fdce116243%40%3Cdev.lucene.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r855b24a3bde3674256152edfc53fb8c9000f9b59db3fecbbde33b211%40%3Cissues.solr.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r857b31ad16c6e76002bc6cca73c83358ed2595477e288286ee82c48d%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r897a6a14d03eab09e89b809d2a650f3765065201da5bc3db9a4dd6e8%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r8b1963f16d6cb1230ca7ee73b6ec4f5c48f344191dbb1caabd265ee4%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r8dc1b13b80d39fbf4a9d158850e15cd868f0460c2f364f13dca7050b%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/ra2f529da674f25a7351543544f7d621b5227c49a0745913b1194d11e%40%3Creviews.spark.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/ra384892bab8c03a60613a6a9d5e9cae0a2b800fd882792a55520115e%40%3Ccommits.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/ra40a88a2301a3da86e25b501ff4bc88124f2b816c2917d5f3497f8f0%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/ra47a26c008487b0a739a368c846e168de06c3cd118d31ecedafa679a%40%3Cdev.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/raa6d60b00b67c0550672b4f506f0df75b323dcd25cf574e91e2f2dff%40%3Cissues.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rb79b62ac3085e05656e41865f5a7efcbdc7dcd7843abed9c5fe0fef8%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rc052fd4e9e9c01bead74c0b5680355ea5dc3b72d46f253cb65d03e43%40%3Ccommits.druid.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rc721fe2910533bffb6bd4d69ea8ff4f36066d260dbcd2d14e041614a%40%3Cissues.spark.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rd666e187ebea2fda8624683ab51e2a5ad2108f762d21bf1a383d7502%40%3Creviews.spark.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rd8e24a3e482e5984bc8c5492dc790413e4fdc1234e3debb94515796b%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rdd6c47321db1bfe12c68a898765bf3b6f97e2afa6a501254ed4feaed%40%3Cjira.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/re03a4dbc15df6f390a2f8c0a071c31c8324dbef007e59fdc2592091a%40%3Ccommits.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/re0d38cc2b5da28f708fc89de49036f3ace052c47a1202f7d70291614%40%3Cdev.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/re19fa47ec901cc3cf6d7784027198e8113f8bc2dbfd6c9d6d13f5447%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/re3bd4f831f9be49871cb6adb997289b5dbcd6fe4bc5cb08223254080%40%3Cdev.lucene.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/re43768896273c0b5f1a03d7f0a9d370852074489d51825fdc0d77f0f%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/re819198d4732804dc01fca8b5b144689a118ede49f6128968773595c%40%3Ccommits.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/reb3c6dc050c7ee18ea154cd94dba85d99aa6b02b84c4bb2138a4abf2%40%3Creviews.spark.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/reca91f217f9e1ce607ce6e19a1c0b3db82b5b1b58cf39a84d6434695%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf190d1d28e1367d1664ef6bc2f71227566d7b6b39209817a5364da1f%40%3Cissues.solr.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf6c2efa3137bc8c22707e550a1f9b80f74bca62b9c8a6f768f2c6b86%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf77f4c4583669f1133d58cc4f1964367e253818ed8db986bb2732f7c%40%3Cnotifications.zookeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rff630ce92a4d1bb494fc1a3f9b57a3d60819b436505bcd8c6ccc713c%40%3Ccommits.kafka.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210401-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4949"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
}
],
"sourceIdentifier": "emo@eclipse.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-407"
}
],
"source": "emo@eclipse.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-M394-8RWW-3JR7
Vulnerability from github – Published: 2021-03-10 03:46 – Updated: 2021-10-21 14:14
VLAI
Summary
DOS vulnerability for Quoted Quality CSV headers
Details
Impact
When Jetty handles a request containing request headers with a large number of “quality” (i.e. q) parameters (such as what are seen on the Accept, Accept-Encoding, and Accept-Language request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application.
The only features within Jetty that can trigger this behavior are:
- Default Error Handling - the
Acceptrequest header with theQuotedQualityCSVis used to determine what kind of content to send back to the client (html, text, json, xml, etc) StatisticsServlet- uses theAcceptrequest header with theQuotedQualityCSVto determine what kind of content to send back to the client (xml, json, text, html, etc)HttpServletRequest.getLocale()- uses theAccept-Languagerequest header with theQuotedQualityCSVto determine which “preferred” language is returned on this call.HttpservletRequest.getLocales()- is similar to the above, but returns an ordered list of locales based on the quality values on theAccept-Languagerequest header.DefaultServlet- uses theAccept-Encodingrequest header with theQuotedQualityCSVto determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app)
Versions
QuotedQualityCSV was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531.
Currently, known vulnerable versions include:
- 9.4.6.v20170531 thru to 9.4.36.v20210114
- 10.0.0
- 11.0.0
Workarounds
Quality ordered values are used infrequently by jetty so they can be avoided by:
- Do not use the default error page/handler.
- Do not deploy the
StatisticsServletexposed to the network - Do not call
getLocaleAPI - Do not enable precompressed static content in the
DefaultServlet
Patches
All patches are available for download from the Eclipse Jetty website at https://www.eclipse.org/jetty/download.php - 9.4.37.v20210219 and greater - 10.0.1 and greater - 11.0.1 and greater
Severity
5.3 (Medium)
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty:jetty-server"
},
"ranges": [
{
"events": [
{
"introduced": "9.4.6"
},
{
"fixed": "9.4.37"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty:jetty-server"
},
"ranges": [
{
"events": [
{
"introduced": "10.0.0"
},
{
"fixed": "10.0.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"10.0.0"
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty:jetty-server"
},
"ranges": [
{
"events": [
{
"introduced": "11.0.0"
},
{
"fixed": "11.0.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"11.0.0"
]
}
],
"aliases": [
"CVE-2020-27223"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": true,
"github_reviewed_at": "2021-03-10T03:46:22Z",
"nvd_published_at": "2021-02-26T22:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\nWhen Jetty handles a request containing request headers with a large number of \u201cquality\u201d (i.e. q) parameters (such as what are seen on the `Accept`, `Accept-Encoding`, and `Accept-Language` request headers), the server may enter a denial of service (DoS) state due to high CPU usage while sorting the list of values based on their quality values. A single request can easily consume minutes of CPU time before it is even dispatched to the application.\n\nThe only features within Jetty that can trigger this behavior are:\n\n- Default Error Handling - the `Accept` request header with the `QuotedQualityCSV` is used to determine what kind of content to send back to the client (html, text, json, xml, etc)\n- `StatisticsServlet` - uses the `Accept` request header with the `QuotedQualityCSV` to determine what kind of content to send back to the client (xml, json, text, html, etc)\n- `HttpServletRequest.getLocale()` - uses the `Accept-Language` request header with the `QuotedQualityCSV` to determine which \u201cpreferred\u201d language is returned on this call.\n- `HttpservletRequest.getLocales()` - is similar to the above, but returns an ordered list of locales based on the quality values on the `Accept-Language` request header.\n- `DefaultServlet` - uses the `Accept-Encoding` request header with the `QuotedQualityCSV` to determine which kind of pre-compressed content should be sent back for static content (content that is not matched against a url-pattern in your web app)\n\n### Versions\n`QuotedQualityCSV` was introduced to Jetty 9.3.9.v20160517 and the bug that introduced the vulnerability was in 9.4.6.v20170531. \n\nCurrently, known vulnerable versions include:\n\n- 9.4.6.v20170531 thru to 9.4.36.v20210114\n- 10.0.0\n- 11.0.0\n\n### Workarounds\n\nQuality ordered values are used infrequently by jetty so they can be avoided by:\n\n * Do not use the default error page/handler.\n * Do not deploy the `StatisticsServlet` exposed to the network\n * Do not call `getLocale` API\n * Do not enable precompressed static content in the `DefaultServlet` \n\n### Patches\n\nAll patches are available for download from the Eclipse Jetty website at [https://www.eclipse.org/jetty/download.php](https://www.eclipse.org/jetty/download.php)\n- 9.4.37.v20210219 and greater\n- 10.0.1 and greater \n- 11.0.1 and greater",
"id": "GHSA-m394-8rww-3jr7",
"modified": "2021-10-21T14:14:05Z",
"published": "2021-03-10T03:46:47Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27223"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd666e187ebea2fda8624683ab51e2a5ad2108f762d21bf1a383d7502@%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc721fe2910533bffb6bd4d69ea8ff4f36066d260dbcd2d14e041614a@%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc052fd4e9e9c01bead74c0b5680355ea5dc3b72d46f253cb65d03e43@%3Ccommits.druid.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rb79b62ac3085e05656e41865f5a7efcbdc7dcd7843abed9c5fe0fef8@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/raa6d60b00b67c0550672b4f506f0df75b323dcd25cf574e91e2f2dff@%3Cissues.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra47a26c008487b0a739a368c846e168de06c3cd118d31ecedafa679a@%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra40a88a2301a3da86e25b501ff4bc88124f2b816c2917d5f3497f8f0@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra384892bab8c03a60613a6a9d5e9cae0a2b800fd882792a55520115e@%3Ccommits.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ra2f529da674f25a7351543544f7d621b5227c49a0745913b1194d11e@%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r8dc1b13b80d39fbf4a9d158850e15cd868f0460c2f364f13dca7050b@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r8b1963f16d6cb1230ca7ee73b6ec4f5c48f344191dbb1caabd265ee4@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r897a6a14d03eab09e89b809d2a650f3765065201da5bc3db9a4dd6e8@%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r857b31ad16c6e76002bc6cca73c83358ed2595477e288286ee82c48d@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r855b24a3bde3674256152edfc53fb8c9000f9b59db3fecbbde33b211@%3Cissues.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7ffd050d3bd7c90d95f4933560b5f4f15971ab9a5f5322fdce116243@%3Cdev.lucene.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7fbdb7880be1566f943d80fbbeefde2115c086eba1bef3115350a388@%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd8e24a3e482e5984bc8c5492dc790413e4fdc1234e3debb94515796b@%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rdd6c47321db1bfe12c68a898765bf3b6f97e2afa6a501254ed4feaed@%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re03a4dbc15df6f390a2f8c0a071c31c8324dbef007e59fdc2592091a@%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re0d38cc2b5da28f708fc89de49036f3ace052c47a1202f7d70291614@%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re19fa47ec901cc3cf6d7784027198e8113f8bc2dbfd6c9d6d13f5447@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re3bd4f831f9be49871cb6adb997289b5dbcd6fe4bc5cb08223254080@%3Cdev.lucene.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re43768896273c0b5f1a03d7f0a9d370852074489d51825fdc0d77f0f@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re819198d4732804dc01fca8b5b144689a118ede49f6128968773595c@%3Ccommits.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/reb3c6dc050c7ee18ea154cd94dba85d99aa6b02b84c4bb2138a4abf2@%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/reca91f217f9e1ce607ce6e19a1c0b3db82b5b1b58cf39a84d6434695@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf190d1d28e1367d1664ef6bc2f71227566d7b6b39209817a5364da1f@%3Cissues.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf6c2efa3137bc8c22707e550a1f9b80f74bca62b9c8a6f768f2c6b86@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf77f4c4583669f1133d58cc4f1964367e253818ed8db986bb2732f7c@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rff630ce92a4d1bb494fc1a3f9b57a3d60819b436505bcd8c6ccc713c@%3Ccommits.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210401-0005"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2c947376491a20d1cf143bf3c21ed74113e099d806cfe4c490a45ad8@%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r2c2c7b2971360fb946bbf062c58d7245927dd1ce9150fc9987f65409@%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r27ad7843d060762cc942820566eeaa9639f75371afedf8124b943283@%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r26d9196f4d2afb9bec2784bcb6fc183aca82e4119bf41bdc613eec01@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r1b803e6ebdac5f670708878fb1b27cd7a0ce9d774a60e797e58cee6f@%3Cissues.nifi.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r1b7ed296a865e3f1337a96ee9cd51f6d154d881a30da36020ca72a4b@%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r1414ab2b3f4bb4c0e736caff6dc8d15f93f6264f0cca5c47710d7bb3@%3Creviews.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r105f4e52feb051faeb9141ef78f909aaf5129d6ed1fc52e099c79463@%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0e25cdf3722a24c53049d37396f0da8502cb4b7cdc481650dc601dbc@%3Cgitbox.activemq.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0cdab13815fc419805a332278c8d27e354e78560944fc36db0bdc760@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0c6eced465950743f3041b03767a32b2e98d19731bd72277fc7ea428@%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r0b639bd9bfaea265022125d18acd2fc6456044b76609ec74772c9567@%3Cissues.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r07aedcb1ece62969c406cb84c8f0e22cec7e42cdc272f3176e473320@%3Cusers.solr.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r068dfd35ce2193f6af28b74ff29ab148c2b2cacb235995576f5bea78@%3Cissues.solr.apache.org%3E"
},
{
"type": "PACKAGE",
"url": "https://github.com/eclipse/jetty.project"
},
{
"type": "WEB",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r7f4ad5eec0bce2821c308bb23cac53df5c94eb84de1c58de9b95c176@%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r75ee2a529edb892ac59110cb3f6f91844a932c5034e16c8317f5668d@%3Ccommits.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r734f996149bb9b1796740385fcbdf3e093eb9aabedc0f20a48ea1d68@%3Cissues.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r601f15f3de7ae3a7bbcd780c19155075c56443c2cdc1d193c03b4182@%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5b7cc6ac733e0b35816751cf45d152ae246a3f40e0b1e62b101c9522@%3Cdev.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r562a0cbc5c8cac4d000a27b2854a8ab1b924aa9dd45f8ffbea98e5ad@%3Cjira.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r5612dc69e1f79c421faf9764ffbc92591e2a69ea417c04cba57f49ea@%3Cuser.karaf.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r521a077885ce79c44a799118c878589e81e525cab72d368e5cfb6f61@%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r51f8975ef47c12a46fbfd7da9efea7f08e1d307fe1dc3042514659ae@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r4c92ea39167c0f7b096ae8268db496b5451d69606f0304b7c8a994c7@%3Cissues.nifi.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r4a456d89a83752a012d88a60ff4b21def6c9f650b9e69ea9fa11c9f9@%3Cissues.spark.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r492cff8488a7f6eb96700afb5d137b719ddb80a833e77f971d2691c6@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r463b12b27264c5e1e3c48c8c2cc5d33813d2f0d981102548fb3102fb@%3Cissues.nifi.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r409ee2bae66bfff6aa89e6c74aff535e6248260d3afcb42bfb3b316b@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r3ce0e31b25ad4ee8f7c42b62cfdc72d1b586f5d6accd23f5295b6dd1@%3Cdev.kafka.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r35ab810c0f3016b3fd3a3fa9088a2d2781b354a810780ce74d022b6c@%3Cdev.kafka.apache.org%3E"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
],
"summary": "DOS vulnerability for Quoted Quality CSV headers"
}
GSD-2020-27223
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-27223",
"description": "In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of \u201cquality\u201d (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.",
"id": "GSD-2020-27223",
"references": [
"https://www.suse.com/security/cve/CVE-2020-27223.html",
"https://www.debian.org/security/2021/dsa-4949",
"https://access.redhat.com/errata/RHSA-2021:5134",
"https://access.redhat.com/errata/RHSA-2021:4767",
"https://access.redhat.com/errata/RHSA-2021:3700",
"https://access.redhat.com/errata/RHBA-2021:2854",
"https://access.redhat.com/errata/RHSA-2021:2689",
"https://access.redhat.com/errata/RHSA-2021:2517",
"https://access.redhat.com/errata/RHSA-2021:2499",
"https://access.redhat.com/errata/RHSA-2021:2431",
"https://access.redhat.com/errata/RHSA-2022:6407"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-27223"
],
"details": "In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of \u201cquality\u201d (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.",
"id": "GSD-2020-27223",
"modified": "2023-12-13T01:22:11.384662Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@eclipse.org",
"ID": "CVE-2020-27223",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Eclipse Jetty",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "9.4.6.v20170531"
},
{
"version_affected": "\u003c=",
"version_value": "9.4.36.v20210114"
},
{
"version_affected": "=",
"version_value": "10.0.0"
},
{
"version_affected": "=",
"version_value": "11.0.0"
}
]
}
}
]
},
"vendor_name": "The Eclipse Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of \u201cquality\u201d (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values."
}
]
},
"impact": {
"cvss": {
"baseScore": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-407: Inefficient Algorithmic Complexity"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128",
"refsource": "CONFIRM",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
},
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7",
"refsource": "CONFIRM",
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7"
},
{
"name": "[karaf-user] 20210301 Re: Jetty security defect",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5612dc69e1f79c421faf9764ffbc92591e2a69ea417c04cba57f49ea@%3Cuser.karaf.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] dongjinleekr commented on pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd8e24a3e482e5984bc8c5492dc790413e4fdc1234e3debb94515796b@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-dev] 20210302 [jira] [Created] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r35ab810c0f3016b3fd3a3fa9088a2d2781b354a810780ce74d022b6c@%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] dongjinleekr opened a new pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2c2c7b2971360fb946bbf062c58d7245927dd1ce9150fc9987f65409@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [jira] [Created] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1b7ed296a865e3f1337a96ee9cd51f6d154d881a30da36020ca72a4b@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[druid-commits] 20210302 [GitHub] [druid] a2l007 opened a new pull request #10937: Upgrade jetty to latest version",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc052fd4e9e9c01bead74c0b5680355ea5dc3b72d46f253cb65d03e43@%3Ccommits.druid.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] ableegoldman commented on pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdd6c47321db1bfe12c68a898765bf3b6f97e2afa6a501254ed4feaed@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-dev] 20210302 [jira] [Resolved] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra47a26c008487b0a739a368c846e168de06c3cd118d31ecedafa679a@%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [jira] [Resolved] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7fbdb7880be1566f943d80fbbeefde2115c086eba1bef3115350a388@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-commits] 20210302 [kafka] branch 2.7 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rff630ce92a4d1bb494fc1a3f9b57a3d60819b436505bcd8c6ccc713c@%3Ccommits.kafka.apache.org%3E"
},
{
"name": "[kafka-commits] 20210302 [kafka] branch 2.8 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra384892bab8c03a60613a6a9d5e9cae0a2b800fd882792a55520115e@%3Ccommits.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] omkreddy closed pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r562a0cbc5c8cac4d000a27b2854a8ab1b924aa9dd45f8ffbea98e5ad@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-commits] 20210302 [kafka] branch 2.6 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re819198d4732804dc01fca8b5b144689a118ede49f6128968773595c@%3Ccommits.kafka.apache.org%3E"
},
{
"name": "[activemq-gitbox] 20210303 [GitHub] [activemq] ehossack-aws opened a new pull request #616: Upgrade to Jetty 9.4.38.v20210224",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0e25cdf3722a24c53049d37396f0da8502cb4b7cdc481650dc601dbc@%3Cgitbox.activemq.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r26d9196f4d2afb9bec2784bcb6fc183aca82e4119bf41bdc613eec01@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r857b31ad16c6e76002bc6cca73c83358ed2595477e288286ee82c48d@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210307 [jira] [Updated] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0b639bd9bfaea265022125d18acd2fc6456044b76609ec74772c9567@%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210307 [jira] [Created] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/raa6d60b00b67c0550672b4f506f0df75b323dcd25cf574e91e2f2dff@%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb79b62ac3085e05656e41865f5a7efcbdc7dcd7843abed9c5fe0fef8@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf6c2efa3137bc8c22707e550a1f9b80f74bca62b9c8a6f768f2c6b86@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-dev] 20210307 [jira] [Created] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5b7cc6ac733e0b35816751cf45d152ae246a3f40e0b1e62b101c9522@%3Cdev.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re43768896273c0b5f1a03d7f0a9d370852074489d51825fdc0d77f0f@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210308 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r75ee2a529edb892ac59110cb3f6f91844a932c5034e16c8317f5668d@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210308 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7f4ad5eec0bce2821c308bb23cac53df5c94eb84de1c58de9b95c176@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra40a88a2301a3da86e25b501ff4bc88124f2b816c2917d5f3497f8f0@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on a change in pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re19fa47ec901cc3cf6d7784027198e8113f8bc2dbfd6c9d6d13f5447@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg closed pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r492cff8488a7f6eb96700afb5d137b719ddb80a833e77f971d2691c6@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0cdab13815fc419805a332278c8d27e354e78560944fc36db0bdc760@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg closed pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r409ee2bae66bfff6aa89e6c74aff535e6248260d3afcb42bfb3b316b@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r8b1963f16d6cb1230ca7ee73b6ec4f5c48f344191dbb1caabd265ee4@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r8dc1b13b80d39fbf4a9d158850e15cd868f0460c2f364f13dca7050b@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on a change in pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/reca91f217f9e1ce607ce6e19a1c0b3db82b5b1b58cf39a84d6434695@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] arshadmohammad commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf77f4c4583669f1133d58cc4f1964367e253818ed8db986bb2732f7c@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210310 [zookeeper] branch branch-3.7 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re03a4dbc15df6f390a2f8c0a071c31c8324dbef007e59fdc2592091a@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210310 [GitHub] [zookeeper] asfgit closed pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r51f8975ef47c12a46fbfd7da9efea7f08e1d307fe1dc3042514659ae@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210310 [jira] [Resolved] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r734f996149bb9b1796740385fcbdf3e093eb9aabedc0f20a48ea1d68@%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210310 [zookeeper] branch branch-3.7.0 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0c6eced465950743f3041b03767a32b2e98d19731bd72277fc7ea428@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210310 [zookeeper] branch master updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r897a6a14d03eab09e89b809d2a650f3765065201da5bc3db9a4dd6e8@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[solr-users] 20210310 Does CVE-2020-27223 impact Solr 8.6.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r07aedcb1ece62969c406cb84c8f0e22cec7e42cdc272f3176e473320@%3Cusers.solr.apache.org%3E"
},
{
"name": "[nifi-issues] 20210310 [jira] [Created] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r4c92ea39167c0f7b096ae8268db496b5451d69606f0304b7c8a994c7@%3Cissues.nifi.apache.org%3E"
},
{
"name": "[lucene-dev] 20210310 Does CVE-2020-27223 impact Solr 8.6.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7ffd050d3bd7c90d95f4933560b5f4f15971ab9a5f5322fdce116243@%3Cdev.lucene.apache.org%3E"
},
{
"name": "[nifi-issues] 20210310 [jira] [Resolved] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1b803e6ebdac5f670708878fb1b27cd7a0ce9d774a60e797e58cee6f@%3Cissues.nifi.apache.org%3E"
},
{
"name": "[lucene-dev] 20210310 Re: Does CVE-2020-27223 impact Solr 8.6.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re3bd4f831f9be49871cb6adb997289b5dbcd6fe4bc5cb08223254080@%3Cdev.lucene.apache.org%3E"
},
{
"name": "[nifi-issues] 20210310 [jira] [Commented] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r463b12b27264c5e1e3c48c8c2cc5d33813d2f0d981102548fb3102fb@%3Cissues.nifi.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r3ce0e31b25ad4ee8f7c42b62cfdc72d1b586f5d6accd23f5295b6dd1@%3Cdev.kafka.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r3ce0e31b25ad4ee8f7c42b62cfdc72d1b586f5d6accd23f5295b6dd1@%3Cdev.kafka.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/re0d38cc2b5da28f708fc89de49036f3ace052c47a1202f7d70291614@%3Cdev.kafka.apache.org%3E",
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/re0d38cc2b5da28f708fc89de49036f3ace052c47a1202f7d70291614@%3Cdev.kafka.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Assigned] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r601f15f3de7ae3a7bbcd780c19155075c56443c2cdc1d193c03b4182@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] xkrogen opened a new pull request #31846: [SPARK-34752] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd666e187ebea2fda8624683ab51e2a5ad2108f762d21bf1a383d7502@%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] AmplabJenkins commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra2f529da674f25a7351543544f7d621b5227c49a0745913b1194d11e@%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Updated] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r4a456d89a83752a012d88a60ff4b21def6c9f650b9e69ea9fa11c9f9@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Commented] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r521a077885ce79c44a799118c878589e81e525cab72d368e5cfb6f61@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Created] (SPARK-34752) Upgrade Jetty to 9.3.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r105f4e52feb051faeb9141ef78f909aaf5129d6ed1fc52e099c79463@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Updated] (SPARK-34752) Upgrade Jetty to 9.3.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r27ad7843d060762cc942820566eeaa9639f75371afedf8124b943283@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Resolved] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc721fe2910533bffb6bd4d69ea8ff4f36066d260dbcd2d14e041614a@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] HyukjinKwon commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/reb3c6dc050c7ee18ea154cd94dba85d99aa6b02b84c4bb2138a4abf2@%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] HyukjinKwon closed pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1414ab2b3f4bb4c0e736caff6dc8d15f93f6264f0cca5c47710d7bb3@%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210316 [GitHub] [spark] xkrogen commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2c947376491a20d1cf143bf3c21ed74113e099d806cfe4c490a45ad8@%3Creviews.spark.apache.org%3E"
},
{
"name": "[solr-issues] 20210407 [jira] [Created] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r068dfd35ce2193f6af28b74ff29ab148c2b2cacb235995576f5bea78@%3Cissues.solr.apache.org%3E"
},
{
"name": "[solr-issues] 20210507 [jira] [Updated] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r855b24a3bde3674256152edfc53fb8c9000f9b59db3fecbbde33b211@%3Cissues.solr.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210401-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210401-0005/"
},
{
"name": "[solr-issues] 20210623 [jira] [Updated] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf190d1d28e1367d1664ef6bc2f71227566d7b6b39209817a5364da1f@%3Cissues.solr.apache.org%3E"
},
{
"name": "DSA-4949",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4949"
},
{
"name": "[solr-issues] 20210813 [jira] [Resolved] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r65c714241b9d064a44fec10d60ebf5a37d5ebadd6bf88b0eed13ade0@%3Cissues.solr.apache.org%3E"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "[1.13.0]",
"affected_versions": "Version 1.13.0",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"cwe_ids": [
"CWE-1035",
"CWE-400",
"CWE-937"
],
"date": "2021-09-16",
"description": "When Jetty handles a request containing multiple `Accept` headers with a large number of `quality` (i.e., `q`) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.",
"fixed_versions": [
"1.13.1"
],
"identifier": "CVE-2020-27223",
"identifiers": [
"CVE-2020-27223",
"GHSA-m394-8rww-3jr7"
],
"not_impacted": "All versions before 1.13.0, all versions after 1.13.0",
"package_slug": "maven/org.apache.nifi/nifi",
"pubdate": "2021-02-26",
"solution": "Upgrade to version 1.13.1 or above.",
"title": "Uncontrolled Resource Consumption",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-27223",
"https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
],
"uuid": "5a2a1438-bcb4-4e3d-808b-45597575c795"
},
{
"affected_range": "[8.8.1]",
"affected_versions": "Version 8.8.1",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"cwe_ids": [
"CWE-1035",
"CWE-400",
"CWE-937"
],
"date": "2021-09-16",
"description": "When Jetty handles a request containing multiple `Accept` headers with a large number of `quality` (i.e., `q`) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.",
"fixed_versions": [
"8.8.2"
],
"identifier": "CVE-2020-27223",
"identifiers": [
"CVE-2020-27223",
"GHSA-m394-8rww-3jr7"
],
"not_impacted": "All versions before 8.8.1, all versions after 8.8.1",
"package_slug": "maven/org.apache.solr/solr-core",
"pubdate": "2021-02-26",
"solution": "Upgrade to version 8.8.2 or above.",
"title": "Uncontrolled Resource Consumption",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-27223",
"https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
],
"uuid": "cc1abd1a-3b51-485f-af14-726e194e056c"
},
{
"affected_range": "[3.1.1]",
"affected_versions": "Version 3.1.1",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"cwe_ids": [
"CWE-1035",
"CWE-400",
"CWE-937"
],
"date": "2021-09-16",
"description": "When Jetty handles a request containing multiple `Accept` headers with a large number of quality (i.e., `q`) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.",
"fixed_versions": [],
"identifier": "CVE-2020-27223",
"identifiers": [
"CVE-2020-27223",
"GHSA-m394-8rww-3jr7"
],
"not_impacted": "",
"package_slug": "maven/org.apache.spark/spark-core",
"pubdate": "2021-02-26",
"solution": "Unfortunately, there is no solution available yet.",
"title": "Uncontrolled Resource Consumption",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-27223",
"https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
],
"uuid": "e44a90f9-fddc-4023-aaf5-8d1feebfcefc"
},
{
"affected_range": "[9.4.6.v20170531,9.4.36.v20210114],[10.0.0,10.0.1),[11.0.0,11.0.1)",
"affected_versions": "All versions starting from 9.4.6.v20170531 up to 9.4.36.v20210114, all versions starting from 10.0.0 before 10.0.1, all versions starting from 11.0.0 before 11.0.1",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"cwe_ids": [
"CWE-1035",
"CWE-400",
"CWE-937"
],
"date": "2021-06-14",
"description": "When Jetty handles a request containing multiple `Accept` headers with a large number of `quality` (i.e., `q`) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.",
"fixed_versions": [
"9.4.37.v20210219",
"10.0.1",
"11.0.1"
],
"identifier": "CVE-2020-27223",
"identifiers": [
"CVE-2020-27223",
"GHSA-m394-8rww-3jr7"
],
"not_impacted": "All versions before 9.4.6.v20170531, all versions after 9.4.36.v20210114 before 10.0.0, all versions starting from 10.0.1 before 11.0.0, all versions starting from 11.0.1",
"package_slug": "maven/org.eclipse.jetty/jetty-client",
"pubdate": "2021-02-26",
"solution": "Upgrade to versions 9.4.37.v20210219, 10.0.1, 11.0.1 or above.",
"title": "Uncontrolled Resource Consumption",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-27223",
"https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
],
"uuid": "01ff93ac-2e6b-45af-8e55-b91cd3c67f83"
},
{
"affected_range": "[9.4.6.v20170531,9.4.36.v20210114],[10.0.0,10.0.1),[11.0.0,11.0.1)",
"affected_versions": "All versions starting from 9.4.6.v20170531 up to 9.4.36.v20210114, all versions starting from 10.0.0 before 10.0.1, all versions starting from 11.0.0 before 11.0.1",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"cwe_ids": [
"CWE-1035",
"CWE-400",
"CWE-937"
],
"date": "2021-09-16",
"description": "When Jetty handles a request containing multiple `Accept` headers with a large number of `quality` (i.e., `q`) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.",
"fixed_versions": [
"9.4.37.v20210219",
"10.0.1",
"11.0.1"
],
"identifier": "CVE-2020-27223",
"identifiers": [
"CVE-2020-27223",
"GHSA-m394-8rww-3jr7"
],
"not_impacted": "All versions before 9.4.6.v20170531, all versions after 9.4.36.v20210114 before 10.0.0, all versions starting from 10.0.1 before 11.0.0, all versions starting from 11.0.1",
"package_slug": "maven/org.eclipse.jetty/jetty-http",
"pubdate": "2021-02-26",
"solution": "Upgrade to versions 9.4.37.v20210219, 10.0.1, 11.0.1 or above.",
"title": "Uncontrolled Resource Consumption",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-27223",
"https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
],
"uuid": "cf38eb30-ca73-42ff-90fc-1bf66171733a"
},
{
"affected_range": "[9.4.6.v20170531,9.4.36.v20210114],[10.0.0,10.0.1),[11.0.0,11.0.1)",
"affected_versions": "All versions starting from 9.4.6.v20170531 up to 9.4.36.v20210114, all versions starting from 10.0.0 before 10.0.1, all versions starting from 11.0.0 before 11.0.1",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"cwe_ids": [
"CWE-1035",
"CWE-400",
"CWE-937"
],
"date": "2021-09-16",
"description": "When Jetty handles a request containing multiple `Accept` headers with a large number of quality (i.e., `q`) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.",
"fixed_versions": [
"9.4.37.v20210219",
"10.0.1",
"11.0.1"
],
"identifier": "CVE-2020-27223",
"identifiers": [
"CVE-2020-27223",
"GHSA-m394-8rww-3jr7"
],
"not_impacted": "All versions before 9.4.6.v20170531, all versions after 9.4.36.v20210114 before 10.0.0, all versions starting from 10.0.1 before 11.0.0, all versions starting from 11.0.1",
"package_slug": "maven/org.eclipse.jetty/jetty-server",
"pubdate": "2021-02-26",
"solution": "Upgrade to versions 9.4.37.v20210219, 10.0.1, 11.0.1 or above.",
"title": "Uncontrolled Resource Consumption",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-27223",
"https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
],
"uuid": "439b912d-ce8b-43cb-b008-443d66ed0c7f"
},
{
"affected_range": "[9.4.6.v20170531,9.4.36.v20210114],[10.0.0,10.0.1),[11.0.0,11.0.1)",
"affected_versions": "All versions starting from 9.4.6.v20170531 up to 9.4.36.v20210114, all versions starting from 10.0.0 before 10.0.1, all versions starting from 11.0.0 before 11.0.1",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"cwe_ids": [
"CWE-1035",
"CWE-400",
"CWE-937"
],
"date": "2021-06-14",
"description": "When Jetty handles a request containing multiple `Accept` headers with a large number of `quality` (i.e., `q`) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.",
"fixed_versions": [
"9.4.37.v20210219",
"10.0.1",
"11.0.1"
],
"identifier": "CVE-2020-27223",
"identifiers": [
"CVE-2020-27223",
"GHSA-m394-8rww-3jr7"
],
"not_impacted": "All versions before 9.4.6.v20170531, all versions after 9.4.36.v20210114 before 10.0.0, all versions starting from 10.0.1 before 11.0.0, all versions starting from 11.0.1",
"package_slug": "maven/org.eclipse.jetty/jetty-util",
"pubdate": "2021-02-26",
"solution": "Upgrade to versions 9.4.36.v20210114, 10.0.1, 11.0.1 or above.",
"title": "Uncontrolled Resource Consumption",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-27223",
"https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
],
"uuid": "d81baf96-f322-49e5-96bd-6b7497f65426"
},
{
"affected_range": "==3.1.1",
"affected_versions": "Version 3.1.1",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"cwe_ids": [
"CWE-1035",
"CWE-400",
"CWE-937"
],
"date": "2021-09-16",
"description": "When Jetty handles a request containing multiple `Accept` headers with a large number of `quality` (i.e., `q`) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.",
"fixed_versions": [
"3.1.2"
],
"identifier": "CVE-2020-27223",
"identifiers": [
"CVE-2020-27223",
"GHSA-m394-8rww-3jr7"
],
"not_impacted": "All versions before 3.1.1, all versions after 3.1.1",
"package_slug": "pypi/pyspark",
"pubdate": "2021-02-26",
"solution": "Upgrade to version 3.1.2 or above.",
"title": "Uncontrolled Resource Consumption",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-27223",
"https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
],
"uuid": "32ed57fe-285a-4865-89f2-46ef53400d8b"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:eclipse:jetty:9.4.6:20170531:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eclipse:jetty:9.4.6:20180619:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.4.36",
"versionStartIncluding": "9.4.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eclipse:jetty:9.4.36:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eclipse:jetty:9.4.36:20210114:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eclipse:jetty:10.0.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eclipse:jetty:11.0.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:nifi:1.13.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:spark:3.1.1:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.70.1",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:element_plug-in_for_vcenter_server:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:solr:8.8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndExcluding": "20.4.3.050.1904",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@eclipse.org",
"ID": "CVE-2020-27223"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of \u201cquality\u201d (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128"
},
{
"name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7"
},
{
"name": "[karaf-user] 20210301 Re: Jetty security defect",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r5612dc69e1f79c421faf9764ffbc92591e2a69ea417c04cba57f49ea@%3Cuser.karaf.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] dongjinleekr commented on pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd8e24a3e482e5984bc8c5492dc790413e4fdc1234e3debb94515796b@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [jira] [Created] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r1b7ed296a865e3f1337a96ee9cd51f6d154d881a30da36020ca72a4b@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-dev] 20210302 [jira] [Created] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r35ab810c0f3016b3fd3a3fa9088a2d2781b354a810780ce74d022b6c@%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] dongjinleekr opened a new pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r2c2c7b2971360fb946bbf062c58d7245927dd1ce9150fc9987f65409@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[druid-commits] 20210302 [GitHub] [druid] a2l007 opened a new pull request #10937: Upgrade jetty to latest version",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rc052fd4e9e9c01bead74c0b5680355ea5dc3b72d46f253cb65d03e43@%3Ccommits.druid.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] ableegoldman commented on pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rdd6c47321db1bfe12c68a898765bf3b6f97e2afa6a501254ed4feaed@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [GitHub] [kafka] omkreddy closed pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r562a0cbc5c8cac4d000a27b2854a8ab1b924aa9dd45f8ffbea98e5ad@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-dev] 20210302 [jira] [Resolved] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/ra47a26c008487b0a739a368c846e168de06c3cd118d31ecedafa679a@%3Cdev.kafka.apache.org%3E"
},
{
"name": "[kafka-commits] 20210302 [kafka] branch 2.8 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/ra384892bab8c03a60613a6a9d5e9cae0a2b800fd882792a55520115e@%3Ccommits.kafka.apache.org%3E"
},
{
"name": "[kafka-commits] 20210302 [kafka] branch 2.6 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/re819198d4732804dc01fca8b5b144689a118ede49f6128968773595c@%3Ccommits.kafka.apache.org%3E"
},
{
"name": "[kafka-jira] 20210302 [jira] [Resolved] (KAFKA-12400) Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r7fbdb7880be1566f943d80fbbeefde2115c086eba1bef3115350a388@%3Cjira.kafka.apache.org%3E"
},
{
"name": "[kafka-commits] 20210302 [kafka] branch 2.7 updated: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rff630ce92a4d1bb494fc1a3f9b57a3d60819b436505bcd8c6ccc713c@%3Ccommits.kafka.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/r3ce0e31b25ad4ee8f7c42b62cfdc72d1b586f5d6accd23f5295b6dd1@%3Cdev.kafka.apache.org%3E",
"refsource": "MISC",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r3ce0e31b25ad4ee8f7c42b62cfdc72d1b586f5d6accd23f5295b6dd1@%3Cdev.kafka.apache.org%3E"
},
{
"name": "https://lists.apache.org/thread.html/re0d38cc2b5da28f708fc89de49036f3ace052c47a1202f7d70291614@%3Cdev.kafka.apache.org%3E",
"refsource": "MISC",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/re0d38cc2b5da28f708fc89de49036f3ace052c47a1202f7d70291614@%3Cdev.kafka.apache.org%3E"
},
{
"name": "[activemq-gitbox] 20210303 [GitHub] [activemq] ehossack-aws opened a new pull request #616: Upgrade to Jetty 9.4.38.v20210224",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r0e25cdf3722a24c53049d37396f0da8502cb4b7cdc481650dc601dbc@%3Cgitbox.activemq.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r857b31ad16c6e76002bc6cca73c83358ed2595477e288286ee82c48d@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rb79b62ac3085e05656e41865f5a7efcbdc7dcd7843abed9c5fe0fef8@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r26d9196f4d2afb9bec2784bcb6fc183aca82e4119bf41bdc613eec01@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210307 [GitHub] [zookeeper] ztzg opened a new pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rf6c2efa3137bc8c22707e550a1f9b80f74bca62b9c8a6f768f2c6b86@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210307 [jira] [Created] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/raa6d60b00b67c0550672b4f506f0df75b323dcd25cf574e91e2f2dff@%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-dev] 20210307 [jira] [Created] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r5b7cc6ac733e0b35816751cf45d152ae246a3f40e0b1e62b101c9522@%3Cdev.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210307 [jira] [Updated] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r0b639bd9bfaea265022125d18acd2fc6456044b76609ec74772c9567@%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on a change in pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/re19fa47ec901cc3cf6d7784027198e8113f8bc2dbfd6c9d6d13f5447@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210308 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r75ee2a529edb892ac59110cb3f6f91844a932c5034e16c8317f5668d@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/ra40a88a2301a3da86e25b501ff4bc88124f2b816c2917d5f3497f8f0@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210308 [GitHub] [zookeeper] arshadmohammad commented on pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/re43768896273c0b5f1a03d7f0a9d370852074489d51825fdc0d77f0f@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210308 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r7f4ad5eec0bce2821c308bb23cac53df5c94eb84de1c58de9b95c176@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg closed pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r409ee2bae66bfff6aa89e6c74aff535e6248260d3afcb42bfb3b316b@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r0cdab13815fc419805a332278c8d27e354e78560944fc36db0bdc760@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1625: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r8b1963f16d6cb1230ca7ee73b6ec4f5c48f344191dbb1caabd265ee4@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg closed pull request #1624: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r492cff8488a7f6eb96700afb5d137b719ddb80a833e77f971d2691c6@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on a change in pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/reca91f217f9e1ce607ce6e19a1c0b3db82b5b1b58cf39a84d6434695@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] ztzg commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r8dc1b13b80d39fbf4a9d158850e15cd868f0460c2f364f13dca7050b@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210309 [GitHub] [zookeeper] arshadmohammad commented on pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rf77f4c4583669f1133d58cc4f1964367e253818ed8db986bb2732f7c@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-issues] 20210310 [jira] [Resolved] (ZOOKEEPER-4233) dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r734f996149bb9b1796740385fcbdf3e093eb9aabedc0f20a48ea1d68@%3Cissues.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210310 [zookeeper] branch branch-3.7.0 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r0c6eced465950743f3041b03767a32b2e98d19731bd72277fc7ea428@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210310 [zookeeper] branch master updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r897a6a14d03eab09e89b809d2a650f3765065201da5bc3db9a4dd6e8@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-commits] 20210310 [zookeeper] branch branch-3.7 updated: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/re03a4dbc15df6f390a2f8c0a071c31c8324dbef007e59fdc2592091a@%3Ccommits.zookeeper.apache.org%3E"
},
{
"name": "[zookeeper-notifications] 20210310 [GitHub] [zookeeper] asfgit closed pull request #1623: ZOOKEEPER-4233: dependency-check:check failing - Jetty 9.4.35.v20201120 - CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r51f8975ef47c12a46fbfd7da9efea7f08e1d307fe1dc3042514659ae@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"name": "[nifi-issues] 20210310 [jira] [Created] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r4c92ea39167c0f7b096ae8268db496b5451d69606f0304b7c8a994c7@%3Cissues.nifi.apache.org%3E"
},
{
"name": "[solr-users] 20210310 Does CVE-2020-27223 impact Solr 8.6.1",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r07aedcb1ece62969c406cb84c8f0e22cec7e42cdc272f3176e473320@%3Cusers.solr.apache.org%3E"
},
{
"name": "[lucene-dev] 20210310 Does CVE-2020-27223 impact Solr 8.6.1",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r7ffd050d3bd7c90d95f4933560b5f4f15971ab9a5f5322fdce116243@%3Cdev.lucene.apache.org%3E"
},
{
"name": "[nifi-issues] 20210310 [jira] [Resolved] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r1b803e6ebdac5f670708878fb1b27cd7a0ce9d774a60e797e58cee6f@%3Cissues.nifi.apache.org%3E"
},
{
"name": "[lucene-dev] 20210310 Re: Does CVE-2020-27223 impact Solr 8.6.1",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/re3bd4f831f9be49871cb6adb997289b5dbcd6fe4bc5cb08223254080@%3Cdev.lucene.apache.org%3E"
},
{
"name": "[nifi-issues] 20210310 [jira] [Commented] (NIFI-8309) Update to latest Jetty due to reported CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r463b12b27264c5e1e3c48c8c2cc5d33813d2f0d981102548fb3102fb@%3Cissues.nifi.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Assigned] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r601f15f3de7ae3a7bbcd780c19155075c56443c2cdc1d193c03b4182@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Created] (SPARK-34752) Upgrade Jetty to 9.3.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r105f4e52feb051faeb9141ef78f909aaf5129d6ed1fc52e099c79463@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Commented] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r521a077885ce79c44a799118c878589e81e525cab72d368e5cfb6f61@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] AmplabJenkins commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/ra2f529da674f25a7351543544f7d621b5227c49a0745913b1194d11e@%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Updated] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r4a456d89a83752a012d88a60ff4b21def6c9f650b9e69ea9fa11c9f9@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Updated] (SPARK-34752) Upgrade Jetty to 9.3.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r27ad7843d060762cc942820566eeaa9639f75371afedf8124b943283@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] xkrogen opened a new pull request #31846: [SPARK-34752] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rd666e187ebea2fda8624683ab51e2a5ad2108f762d21bf1a383d7502@%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] HyukjinKwon closed pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r1414ab2b3f4bb4c0e736caff6dc8d15f93f6264f0cca5c47710d7bb3@%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210315 [GitHub] [spark] HyukjinKwon commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/reb3c6dc050c7ee18ea154cd94dba85d99aa6b02b84c4bb2138a4abf2@%3Creviews.spark.apache.org%3E"
},
{
"name": "[spark-issues] 20210315 [jira] [Resolved] (SPARK-34752) Upgrade Jetty to 9.4.37 to fix CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rc721fe2910533bffb6bd4d69ea8ff4f36066d260dbcd2d14e041614a@%3Cissues.spark.apache.org%3E"
},
{
"name": "[spark-reviews] 20210316 [GitHub] [spark] xkrogen commented on pull request #31846: [SPARK-34752][BUILD] Bump Jetty to 9.4.37 to address CVE-2020-27223",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r2c947376491a20d1cf143bf3c21ed74113e099d806cfe4c490a45ad8@%3Creviews.spark.apache.org%3E"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210401-0005/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210401-0005/"
},
{
"name": "[solr-issues] 20210407 [jira] [Created] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r068dfd35ce2193f6af28b74ff29ab148c2b2cacb235995576f5bea78@%3Cissues.solr.apache.org%3E"
},
{
"name": "[solr-issues] 20210507 [jira] [Updated] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r855b24a3bde3674256152edfc53fb8c9000f9b59db3fecbbde33b211@%3Cissues.solr.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "[solr-issues] 20210623 [jira] [Updated] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/rf190d1d28e1367d1664ef6bc2f71227566d7b6b39209817a5364da1f@%3Cissues.solr.apache.org%3E"
},
{
"name": "DSA-4949",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4949"
},
{
"name": "[solr-issues] 20210813 [jira] [Resolved] (SOLR-15325) High security vulnerability in Jetty library bundled within Solr - CVE-2020-27223 (+1)",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/r65c714241b9d064a44fec10d60ebf5a37d5ebadd6bf88b0eed13ade0@%3Cissues.solr.apache.org%3E"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
},
"lastModifiedDate": "2021-09-16T15:44Z",
"publishedDate": "2021-02-26T22:15Z"
}
}
}
OPENSUSE-SU-2024:10878-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
jetty-annotations-9.4.43-1.2 on GA media
Severity
Moderate
Notes
Title of the patch: jetty-annotations-9.4.43-1.2 on GA media
Description of the patch: These are all security issues fixed in the jetty-annotations-9.4.43-1.2 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-10878
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.8 (Medium)
Affected products
Recommended
116 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
116 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
116 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
116 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
116 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
116 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
116 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "jetty-annotations-9.4.43-1.2 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the jetty-annotations-9.4.43-1.2 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10878",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10878-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-27218 page",
"url": "https://www.suse.com/security/cve/CVE-2020-27218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-27223 page",
"url": "https://www.suse.com/security/cve/CVE-2020-27223/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-28163 page",
"url": "https://www.suse.com/security/cve/CVE-2021-28163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-28164 page",
"url": "https://www.suse.com/security/cve/CVE-2021-28164/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-28165 page",
"url": "https://www.suse.com/security/cve/CVE-2021-28165/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-28169 page",
"url": "https://www.suse.com/security/cve/CVE-2021-28169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-34429 page",
"url": "https://www.suse.com/security/cve/CVE-2021-34429/"
}
],
"title": "jetty-annotations-9.4.43-1.2 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10878-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "jetty-annotations-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-annotations-9.4.43-1.2.aarch64",
"product_id": "jetty-annotations-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-ant-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-ant-9.4.43-1.2.aarch64",
"product_id": "jetty-ant-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-cdi-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-cdi-9.4.43-1.2.aarch64",
"product_id": "jetty-cdi-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-client-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-client-9.4.43-1.2.aarch64",
"product_id": "jetty-client-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-continuation-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-continuation-9.4.43-1.2.aarch64",
"product_id": "jetty-continuation-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-deploy-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-deploy-9.4.43-1.2.aarch64",
"product_id": "jetty-deploy-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-fcgi-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-fcgi-9.4.43-1.2.aarch64",
"product_id": "jetty-fcgi-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-http-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-http-9.4.43-1.2.aarch64",
"product_id": "jetty-http-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-http-spi-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-http-spi-9.4.43-1.2.aarch64",
"product_id": "jetty-http-spi-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-io-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-io-9.4.43-1.2.aarch64",
"product_id": "jetty-io-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-jaas-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-jaas-9.4.43-1.2.aarch64",
"product_id": "jetty-jaas-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-jmx-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-jmx-9.4.43-1.2.aarch64",
"product_id": "jetty-jmx-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-jndi-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-jndi-9.4.43-1.2.aarch64",
"product_id": "jetty-jndi-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-jsp-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-jsp-9.4.43-1.2.aarch64",
"product_id": "jetty-jsp-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"product_id": "jetty-minimal-javadoc-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-openid-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-openid-9.4.43-1.2.aarch64",
"product_id": "jetty-openid-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-plus-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-plus-9.4.43-1.2.aarch64",
"product_id": "jetty-plus-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-proxy-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-proxy-9.4.43-1.2.aarch64",
"product_id": "jetty-proxy-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-quickstart-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-quickstart-9.4.43-1.2.aarch64",
"product_id": "jetty-quickstart-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-rewrite-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-rewrite-9.4.43-1.2.aarch64",
"product_id": "jetty-rewrite-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-security-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-security-9.4.43-1.2.aarch64",
"product_id": "jetty-security-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-server-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-server-9.4.43-1.2.aarch64",
"product_id": "jetty-server-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-servlet-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-servlet-9.4.43-1.2.aarch64",
"product_id": "jetty-servlet-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-servlets-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-servlets-9.4.43-1.2.aarch64",
"product_id": "jetty-servlets-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-start-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-start-9.4.43-1.2.aarch64",
"product_id": "jetty-start-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-util-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-util-9.4.43-1.2.aarch64",
"product_id": "jetty-util-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-util-ajax-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-util-ajax-9.4.43-1.2.aarch64",
"product_id": "jetty-util-ajax-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-webapp-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-webapp-9.4.43-1.2.aarch64",
"product_id": "jetty-webapp-9.4.43-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-xml-9.4.43-1.2.aarch64",
"product": {
"name": "jetty-xml-9.4.43-1.2.aarch64",
"product_id": "jetty-xml-9.4.43-1.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "jetty-annotations-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-annotations-9.4.43-1.2.ppc64le",
"product_id": "jetty-annotations-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-ant-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-ant-9.4.43-1.2.ppc64le",
"product_id": "jetty-ant-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-cdi-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-cdi-9.4.43-1.2.ppc64le",
"product_id": "jetty-cdi-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-client-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-client-9.4.43-1.2.ppc64le",
"product_id": "jetty-client-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-continuation-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-continuation-9.4.43-1.2.ppc64le",
"product_id": "jetty-continuation-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-deploy-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-deploy-9.4.43-1.2.ppc64le",
"product_id": "jetty-deploy-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-fcgi-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-fcgi-9.4.43-1.2.ppc64le",
"product_id": "jetty-fcgi-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-http-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-http-9.4.43-1.2.ppc64le",
"product_id": "jetty-http-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-http-spi-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-http-spi-9.4.43-1.2.ppc64le",
"product_id": "jetty-http-spi-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-io-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-io-9.4.43-1.2.ppc64le",
"product_id": "jetty-io-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-jaas-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-jaas-9.4.43-1.2.ppc64le",
"product_id": "jetty-jaas-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-jmx-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-jmx-9.4.43-1.2.ppc64le",
"product_id": "jetty-jmx-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-jndi-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-jndi-9.4.43-1.2.ppc64le",
"product_id": "jetty-jndi-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-jsp-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-jsp-9.4.43-1.2.ppc64le",
"product_id": "jetty-jsp-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"product_id": "jetty-minimal-javadoc-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-openid-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-openid-9.4.43-1.2.ppc64le",
"product_id": "jetty-openid-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-plus-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-plus-9.4.43-1.2.ppc64le",
"product_id": "jetty-plus-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-proxy-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-proxy-9.4.43-1.2.ppc64le",
"product_id": "jetty-proxy-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-quickstart-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-quickstart-9.4.43-1.2.ppc64le",
"product_id": "jetty-quickstart-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-rewrite-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-rewrite-9.4.43-1.2.ppc64le",
"product_id": "jetty-rewrite-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-security-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-security-9.4.43-1.2.ppc64le",
"product_id": "jetty-security-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-server-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-server-9.4.43-1.2.ppc64le",
"product_id": "jetty-server-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-servlet-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-servlet-9.4.43-1.2.ppc64le",
"product_id": "jetty-servlet-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-servlets-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-servlets-9.4.43-1.2.ppc64le",
"product_id": "jetty-servlets-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-start-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-start-9.4.43-1.2.ppc64le",
"product_id": "jetty-start-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-util-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-util-9.4.43-1.2.ppc64le",
"product_id": "jetty-util-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-util-ajax-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-util-ajax-9.4.43-1.2.ppc64le",
"product_id": "jetty-util-ajax-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-webapp-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-webapp-9.4.43-1.2.ppc64le",
"product_id": "jetty-webapp-9.4.43-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-xml-9.4.43-1.2.ppc64le",
"product": {
"name": "jetty-xml-9.4.43-1.2.ppc64le",
"product_id": "jetty-xml-9.4.43-1.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "jetty-annotations-9.4.43-1.2.s390x",
"product": {
"name": "jetty-annotations-9.4.43-1.2.s390x",
"product_id": "jetty-annotations-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-ant-9.4.43-1.2.s390x",
"product": {
"name": "jetty-ant-9.4.43-1.2.s390x",
"product_id": "jetty-ant-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-cdi-9.4.43-1.2.s390x",
"product": {
"name": "jetty-cdi-9.4.43-1.2.s390x",
"product_id": "jetty-cdi-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-client-9.4.43-1.2.s390x",
"product": {
"name": "jetty-client-9.4.43-1.2.s390x",
"product_id": "jetty-client-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-continuation-9.4.43-1.2.s390x",
"product": {
"name": "jetty-continuation-9.4.43-1.2.s390x",
"product_id": "jetty-continuation-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-deploy-9.4.43-1.2.s390x",
"product": {
"name": "jetty-deploy-9.4.43-1.2.s390x",
"product_id": "jetty-deploy-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-fcgi-9.4.43-1.2.s390x",
"product": {
"name": "jetty-fcgi-9.4.43-1.2.s390x",
"product_id": "jetty-fcgi-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-http-9.4.43-1.2.s390x",
"product": {
"name": "jetty-http-9.4.43-1.2.s390x",
"product_id": "jetty-http-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-http-spi-9.4.43-1.2.s390x",
"product": {
"name": "jetty-http-spi-9.4.43-1.2.s390x",
"product_id": "jetty-http-spi-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-io-9.4.43-1.2.s390x",
"product": {
"name": "jetty-io-9.4.43-1.2.s390x",
"product_id": "jetty-io-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-jaas-9.4.43-1.2.s390x",
"product": {
"name": "jetty-jaas-9.4.43-1.2.s390x",
"product_id": "jetty-jaas-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-jmx-9.4.43-1.2.s390x",
"product": {
"name": "jetty-jmx-9.4.43-1.2.s390x",
"product_id": "jetty-jmx-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-jndi-9.4.43-1.2.s390x",
"product": {
"name": "jetty-jndi-9.4.43-1.2.s390x",
"product_id": "jetty-jndi-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-jsp-9.4.43-1.2.s390x",
"product": {
"name": "jetty-jsp-9.4.43-1.2.s390x",
"product_id": "jetty-jsp-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-minimal-javadoc-9.4.43-1.2.s390x",
"product": {
"name": "jetty-minimal-javadoc-9.4.43-1.2.s390x",
"product_id": "jetty-minimal-javadoc-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-openid-9.4.43-1.2.s390x",
"product": {
"name": "jetty-openid-9.4.43-1.2.s390x",
"product_id": "jetty-openid-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-plus-9.4.43-1.2.s390x",
"product": {
"name": "jetty-plus-9.4.43-1.2.s390x",
"product_id": "jetty-plus-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-proxy-9.4.43-1.2.s390x",
"product": {
"name": "jetty-proxy-9.4.43-1.2.s390x",
"product_id": "jetty-proxy-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-quickstart-9.4.43-1.2.s390x",
"product": {
"name": "jetty-quickstart-9.4.43-1.2.s390x",
"product_id": "jetty-quickstart-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-rewrite-9.4.43-1.2.s390x",
"product": {
"name": "jetty-rewrite-9.4.43-1.2.s390x",
"product_id": "jetty-rewrite-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-security-9.4.43-1.2.s390x",
"product": {
"name": "jetty-security-9.4.43-1.2.s390x",
"product_id": "jetty-security-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-server-9.4.43-1.2.s390x",
"product": {
"name": "jetty-server-9.4.43-1.2.s390x",
"product_id": "jetty-server-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-servlet-9.4.43-1.2.s390x",
"product": {
"name": "jetty-servlet-9.4.43-1.2.s390x",
"product_id": "jetty-servlet-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-servlets-9.4.43-1.2.s390x",
"product": {
"name": "jetty-servlets-9.4.43-1.2.s390x",
"product_id": "jetty-servlets-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-start-9.4.43-1.2.s390x",
"product": {
"name": "jetty-start-9.4.43-1.2.s390x",
"product_id": "jetty-start-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-util-9.4.43-1.2.s390x",
"product": {
"name": "jetty-util-9.4.43-1.2.s390x",
"product_id": "jetty-util-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-util-ajax-9.4.43-1.2.s390x",
"product": {
"name": "jetty-util-ajax-9.4.43-1.2.s390x",
"product_id": "jetty-util-ajax-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-webapp-9.4.43-1.2.s390x",
"product": {
"name": "jetty-webapp-9.4.43-1.2.s390x",
"product_id": "jetty-webapp-9.4.43-1.2.s390x"
}
},
{
"category": "product_version",
"name": "jetty-xml-9.4.43-1.2.s390x",
"product": {
"name": "jetty-xml-9.4.43-1.2.s390x",
"product_id": "jetty-xml-9.4.43-1.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "jetty-annotations-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-annotations-9.4.43-1.2.x86_64",
"product_id": "jetty-annotations-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-ant-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-ant-9.4.43-1.2.x86_64",
"product_id": "jetty-ant-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-cdi-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-cdi-9.4.43-1.2.x86_64",
"product_id": "jetty-cdi-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-client-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-client-9.4.43-1.2.x86_64",
"product_id": "jetty-client-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-continuation-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-continuation-9.4.43-1.2.x86_64",
"product_id": "jetty-continuation-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-deploy-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-deploy-9.4.43-1.2.x86_64",
"product_id": "jetty-deploy-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-fcgi-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-fcgi-9.4.43-1.2.x86_64",
"product_id": "jetty-fcgi-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-http-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-http-9.4.43-1.2.x86_64",
"product_id": "jetty-http-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-http-spi-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-http-spi-9.4.43-1.2.x86_64",
"product_id": "jetty-http-spi-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-io-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-io-9.4.43-1.2.x86_64",
"product_id": "jetty-io-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-jaas-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-jaas-9.4.43-1.2.x86_64",
"product_id": "jetty-jaas-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-jmx-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-jmx-9.4.43-1.2.x86_64",
"product_id": "jetty-jmx-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-jndi-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-jndi-9.4.43-1.2.x86_64",
"product_id": "jetty-jndi-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-jsp-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-jsp-9.4.43-1.2.x86_64",
"product_id": "jetty-jsp-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"product_id": "jetty-minimal-javadoc-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-openid-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-openid-9.4.43-1.2.x86_64",
"product_id": "jetty-openid-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-plus-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-plus-9.4.43-1.2.x86_64",
"product_id": "jetty-plus-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-proxy-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-proxy-9.4.43-1.2.x86_64",
"product_id": "jetty-proxy-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-quickstart-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-quickstart-9.4.43-1.2.x86_64",
"product_id": "jetty-quickstart-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-rewrite-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-rewrite-9.4.43-1.2.x86_64",
"product_id": "jetty-rewrite-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-security-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-security-9.4.43-1.2.x86_64",
"product_id": "jetty-security-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-server-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-server-9.4.43-1.2.x86_64",
"product_id": "jetty-server-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-servlet-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-servlet-9.4.43-1.2.x86_64",
"product_id": "jetty-servlet-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-servlets-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-servlets-9.4.43-1.2.x86_64",
"product_id": "jetty-servlets-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-start-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-start-9.4.43-1.2.x86_64",
"product_id": "jetty-start-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-util-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-util-9.4.43-1.2.x86_64",
"product_id": "jetty-util-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-util-ajax-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-util-ajax-9.4.43-1.2.x86_64",
"product_id": "jetty-util-ajax-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-webapp-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-webapp-9.4.43-1.2.x86_64",
"product_id": "jetty-webapp-9.4.43-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-xml-9.4.43-1.2.x86_64",
"product": {
"name": "jetty-xml-9.4.43-1.2.x86_64",
"product_id": "jetty-xml-9.4.43-1.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-annotations-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-annotations-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-annotations-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-annotations-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-annotations-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x"
},
"product_reference": "jetty-annotations-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-annotations-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-annotations-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-ant-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-ant-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-ant-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-ant-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-ant-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x"
},
"product_reference": "jetty-ant-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-ant-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-ant-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-cdi-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-cdi-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-cdi-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-cdi-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-cdi-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x"
},
"product_reference": "jetty-cdi-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-cdi-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-cdi-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-client-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-client-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-client-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-client-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-client-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x"
},
"product_reference": "jetty-client-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-client-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-client-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-continuation-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-continuation-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-continuation-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-continuation-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-continuation-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x"
},
"product_reference": "jetty-continuation-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-continuation-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-continuation-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-deploy-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-deploy-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-deploy-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-deploy-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-deploy-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x"
},
"product_reference": "jetty-deploy-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-deploy-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-deploy-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-fcgi-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-fcgi-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-fcgi-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-fcgi-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-fcgi-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x"
},
"product_reference": "jetty-fcgi-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-fcgi-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-fcgi-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-http-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-http-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-http-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-http-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-http-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x"
},
"product_reference": "jetty-http-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-http-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-http-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-http-spi-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-http-spi-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-http-spi-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-http-spi-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-http-spi-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x"
},
"product_reference": "jetty-http-spi-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-http-spi-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-http-spi-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-io-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-io-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-io-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-io-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-io-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x"
},
"product_reference": "jetty-io-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-io-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-io-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jaas-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-jaas-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jaas-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-jaas-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jaas-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x"
},
"product_reference": "jetty-jaas-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jaas-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-jaas-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jmx-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-jmx-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jmx-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-jmx-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jmx-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x"
},
"product_reference": "jetty-jmx-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jmx-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-jmx-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jndi-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-jndi-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jndi-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-jndi-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jndi-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x"
},
"product_reference": "jetty-jndi-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jndi-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-jndi-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jsp-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-jsp-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jsp-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-jsp-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jsp-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x"
},
"product_reference": "jetty-jsp-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jsp-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-jsp-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-minimal-javadoc-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-minimal-javadoc-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-minimal-javadoc-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x"
},
"product_reference": "jetty-minimal-javadoc-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-minimal-javadoc-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-openid-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-openid-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-openid-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-openid-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-openid-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x"
},
"product_reference": "jetty-openid-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-openid-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-openid-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-plus-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-plus-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-plus-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-plus-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-plus-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x"
},
"product_reference": "jetty-plus-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-plus-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-plus-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-proxy-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-proxy-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-proxy-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-proxy-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-proxy-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x"
},
"product_reference": "jetty-proxy-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-proxy-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-proxy-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-quickstart-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-quickstart-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-quickstart-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-quickstart-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-quickstart-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x"
},
"product_reference": "jetty-quickstart-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-quickstart-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-quickstart-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-rewrite-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-rewrite-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-rewrite-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-rewrite-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-rewrite-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x"
},
"product_reference": "jetty-rewrite-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-rewrite-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-rewrite-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-security-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-security-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-security-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-security-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-security-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x"
},
"product_reference": "jetty-security-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-security-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-security-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-server-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-server-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-server-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-server-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-server-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x"
},
"product_reference": "jetty-server-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-server-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-server-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-servlet-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-servlet-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-servlet-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-servlet-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-servlet-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x"
},
"product_reference": "jetty-servlet-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-servlet-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-servlet-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-servlets-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-servlets-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-servlets-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-servlets-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-servlets-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x"
},
"product_reference": "jetty-servlets-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-servlets-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-servlets-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-start-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-start-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-start-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-start-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-start-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x"
},
"product_reference": "jetty-start-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-start-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-start-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-util-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-util-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-util-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-util-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-util-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x"
},
"product_reference": "jetty-util-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-util-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-util-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-util-ajax-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-util-ajax-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-util-ajax-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-util-ajax-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-util-ajax-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x"
},
"product_reference": "jetty-util-ajax-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-util-ajax-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-util-ajax-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-webapp-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-webapp-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-webapp-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-webapp-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-webapp-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x"
},
"product_reference": "jetty-webapp-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-webapp-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-webapp-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-xml-9.4.43-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64"
},
"product_reference": "jetty-xml-9.4.43-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-xml-9.4.43-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le"
},
"product_reference": "jetty-xml-9.4.43-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-xml-9.4.43-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x"
},
"product_reference": "jetty-xml-9.4.43-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-xml-9.4.43-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
},
"product_reference": "jetty-xml-9.4.43-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-27218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-27218"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-27218",
"url": "https://www.suse.com/security/cve/CVE-2020-27218"
},
{
"category": "external",
"summary": "SUSE Bug 1179727 for CVE-2020-27218",
"url": "https://bugzilla.suse.com/1179727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-27218"
},
{
"cve": "CVE-2020-27223",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-27223"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of \"quality\" (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-27223",
"url": "https://www.suse.com/security/cve/CVE-2020-27223"
},
{
"category": "external",
"summary": "SUSE Bug 1182898 for CVE-2020-27223",
"url": "https://bugzilla.suse.com/1182898"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-27223"
},
{
"cve": "CVE-2021-28163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-28163"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that might be in that directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-28163",
"url": "https://www.suse.com/security/cve/CVE-2021-28163"
},
{
"category": "external",
"summary": "SUSE Bug 1184366 for CVE-2021-28163",
"url": "https://bugzilla.suse.com/1184366"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-28163"
},
{
"cve": "CVE-2021-28164",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-28164"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For example a request to /context/%2e/WEB-INF/web.xml can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-28164",
"url": "https://www.suse.com/security/cve/CVE-2021-28164"
},
{
"category": "external",
"summary": "SUSE Bug 1184368 for CVE-2021-28164",
"url": "https://bugzilla.suse.com/1184368"
},
{
"category": "external",
"summary": "SUSE Bug 1188438 for CVE-2021-28164",
"url": "https://bugzilla.suse.com/1188438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-28164"
},
{
"cve": "CVE-2021-28165",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-28165"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-28165",
"url": "https://www.suse.com/security/cve/CVE-2021-28165"
},
{
"category": "external",
"summary": "SUSE Bug 1184367 for CVE-2021-28165",
"url": "https://bugzilla.suse.com/1184367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-28165"
},
{
"cve": "CVE-2021-28169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-28169"
}
],
"notes": [
{
"category": "general",
"text": "For Eclipse Jetty versions \u003c= 9.4.40, \u003c= 10.0.2, \u003c= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-28169",
"url": "https://www.suse.com/security/cve/CVE-2021-28169"
},
{
"category": "external",
"summary": "SUSE Bug 1187117 for CVE-2021-28169",
"url": "https://bugzilla.suse.com/1187117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-28169"
},
{
"cve": "CVE-2021-34429",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-34429"
}
],
"notes": [
{
"category": "general",
"text": "For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 \u0026 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-34429",
"url": "https://www.suse.com/security/cve/CVE-2021-34429"
},
{
"category": "external",
"summary": "SUSE Bug 1188438 for CVE-2021-34429",
"url": "https://bugzilla.suse.com/1188438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.43-1.2.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.43-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-34429"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…