Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-5795 (GCVE-0-2026-5795)
Vulnerability from cvelistv5 – Published: 2026-04-08 13:32 – Updated: 2026-04-09 03:56
VLAI?
EPSS
Summary
In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable.
Upon returning from the initial checks, there are conditions that cause an early return from the JASPIAuthenticator code without clearing those ThreadLocals.
A subsequent request using the same thread inherits the ThreadLocal values, leading to a broken access control and privilege escalation.
Severity ?
7.4 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Eclipse Foundation | Eclipse Jetty |
Affected:
12.1.0 , ≤ 12.1.7
(semver)
Affected: 12.0.0 , ≤ 12.0.33 (semver) Affected: 11.0.0 , ≤ 11.0.28 (semver) Affected: 10.0.0 , ≤ 10.0.28 (semver) Affected: 9.4.0 , ≤ 9.4.60 (semver) |
Credits
https://github.com/HRsGIT
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5795",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-08T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-09T03:56:11.784Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Eclipse Jetty",
"repo": "https://github.com/jetty/jetty.project",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThanOrEqual": "12.1.7",
"status": "affected",
"version": "12.1.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "12.0.33",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "11.0.28",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.0.28",
"status": "affected",
"version": "10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.4.60",
"status": "affected",
"version": "9.4.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "https://github.com/HRsGIT"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Eclipse Jetty, the class \u003ccode\u003eJASPIAuthenticator\u003c/code\u003e initiates the authentication checks, which set two \u003ccode\u003eThreadLocal\u003c/code\u003e variable.\u003c/p\u003e\n\u003cp\u003eUpon returning from the initial checks, there are conditions that cause an early return from the \u003ccode\u003eJASPIAuthenticator\u003c/code\u003e code without clearing those \u003ccode\u003eThreadLocal\u003c/code\u003es.\u003c/p\u003e\n\u003cp\u003eA subsequent request using the same thread inherits the \u003ccode\u003eThreadLocal\u003c/code\u003e values, leading to a broken access control and privilege escalation.\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e"
}
],
"value": "In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable.\n\n\nUpon returning from the initial checks, there are conditions that cause an early return from the JASPIAuthenticator code without clearing those ThreadLocals.\n\n\nA subsequent request using the same thread inherits the ThreadLocal values, leading to a broken access control and privilege escalation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-226",
"description": "CWE-226 Sensitive information in resource not removed before reuse",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T13:32:28.935Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-r7p8-xq5m-436chttps://"
},
{
"url": "https://gitlab.eclipse.org/security/cve-assignment/-/issues/92"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2026-5795",
"datePublished": "2026-04-08T13:32:28.935Z",
"dateReserved": "2026-04-08T13:21:06.990Z",
"dateUpdated": "2026-04-09T03:56:11.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-5795",
"date": "2026-04-24",
"epss": "0.0002",
"percentile": "0.05633"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-5795\",\"sourceIdentifier\":\"emo@eclipse.org\",\"published\":\"2026-04-08T14:16:32.633\",\"lastModified\":\"2026-04-23T11:54:04.517\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable.\\n\\n\\nUpon returning from the initial checks, there are conditions that cause an early return from the JASPIAuthenticator code without clearing those ThreadLocals.\\n\\n\\nA subsequent request using the same thread inherits the ThreadLocal values, leading to a broken access control and privilege escalation.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"emo@eclipse.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"emo@eclipse.org\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-226\"},{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.4.0\",\"versionEndIncluding\":\"9.4.58\",\"matchCriteriaId\":\"D6BB4322-1158-46D7-8A04-2B4FBC3941A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndIncluding\":\"10.0.26\",\"matchCriteriaId\":\"56F09A5B-49C1-406A-B4F6-D6F2D3FA660E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.0.26\",\"matchCriteriaId\":\"2B1CFB36-11A3-449E-BDDF-7837CE9E1511\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0.0\",\"versionEndExcluding\":\"12.0.34\",\"matchCriteriaId\":\"FDF5EEDA-C7D3-41A7-824F-E8CA0402C3B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndExcluding\":\"12.1.8\",\"matchCriteriaId\":\"4A3BA101-07D6-4DE1-A258-A60679A178FB\"}]}]}],\"references\":[{\"url\":\"https://github.com/jetty/jetty.project/security/advisories/GHSA-r7p8-xq5m-436chttps://\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://gitlab.eclipse.org/security/cve-assignment/-/issues/92\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Broken Link\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-5795\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-08T16:01:55.551503Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-08T16:01:58.420Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"https://github.com/HRsGIT\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/jetty/jetty.project\", \"vendor\": \"Eclipse Foundation\", \"product\": \"Eclipse Jetty\", \"versions\": [{\"status\": \"affected\", \"version\": \"12.1.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"12.1.7\"}, {\"status\": \"affected\", \"version\": \"12.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"12.0.33\"}, {\"status\": \"affected\", \"version\": \"11.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"11.0.28\"}, {\"status\": \"affected\", \"version\": \"10.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"10.0.28\"}, {\"status\": \"affected\", \"version\": \"9.4.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"9.4.60\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/jetty/jetty.project/security/advisories/GHSA-r7p8-xq5m-436chttps://\"}, {\"url\": \"https://gitlab.eclipse.org/security/cve-assignment/-/issues/92\"}], \"x_generator\": {\"engine\": \"Vulnogram 1.0.1\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable.\\n\\n\\nUpon returning from the initial checks, there are conditions that cause an early return from the JASPIAuthenticator code without clearing those ThreadLocals.\\n\\n\\nA subsequent request using the same thread inherits the ThreadLocal values, leading to a broken access control and privilege escalation.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eIn Eclipse Jetty, the class \u003ccode\u003eJASPIAuthenticator\u003c/code\u003e initiates the authentication checks, which set two \u003ccode\u003eThreadLocal\u003c/code\u003e variable.\u003c/p\u003e\\n\u003cp\u003eUpon returning from the initial checks, there are conditions that cause an early return from the \u003ccode\u003eJASPIAuthenticator\u003c/code\u003e code without clearing those \u003ccode\u003eThreadLocal\u003c/code\u003es.\u003c/p\u003e\\n\u003cp\u003eA subsequent request using the same thread inherits the \u003ccode\u003eThreadLocal\u003c/code\u003e values, leading to a broken access control and privilege escalation.\u003c/p\u003e\\n\\n\u003cp\u003e\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-226\", \"description\": \"CWE-226 Sensitive information in resource not removed before reuse\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-287\", \"description\": \"CWE-287 Improper Authentication\"}]}], \"providerMetadata\": {\"orgId\": \"e51fbebd-6053-4e49-959f-1b94eeb69a2c\", \"shortName\": \"eclipse\", \"dateUpdated\": \"2026-04-08T13:32:28.935Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-5795\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-09T03:56:11.784Z\", \"dateReserved\": \"2026-04-08T13:21:06.990Z\", \"assignerOrgId\": \"e51fbebd-6053-4e49-959f-1b94eeb69a2c\", \"datePublished\": \"2026-04-08T13:32:28.935Z\", \"assignerShortName\": \"eclipse\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
GHSA-GC59-R5JQ-98QW
Vulnerability from github – Published: 2026-04-08 15:31 – Updated: 2026-04-14 00:06
VLAI?
Summary
Duplicate Advisory: Eclipse Jetty: Early return from the JASPIAuthenticator code can potentially no clear ThreadLocal variables
Details
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-r7p8-xq5m-436c. This link is maintained to preserve external references.
Original Description
In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable.
Upon returning from the initial checks, there are conditions that cause an early return from the JASPIAuthenticator code without clearing those ThreadLocals.
A subsequent request using the same thread inherits the ThreadLocal values, leading to a broken access control and privilege escalation.
Severity ?
7.4 (High)
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty.ee10:jetty-ee10"
},
"ranges": [
{
"events": [
{
"introduced": "12.1.0"
},
{
"fixed": "12.1.7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty.ee10:jetty-ee10"
},
"ranges": [
{
"events": [
{
"introduced": "12.0.0"
},
{
"fixed": "12.0.33"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty.ee10:jetty-ee10"
},
"ranges": [
{
"events": [
{
"introduced": "11.0.0"
},
{
"fixed": "11.0.28"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty.ee10:jetty-ee10"
},
"ranges": [
{
"events": [
{
"introduced": "10.0.0"
},
{
"fixed": "10.0.28"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty.ee10:jetty-ee10"
},
"ranges": [
{
"events": [
{
"introduced": "9.4.0"
},
{
"fixed": "9.4.60"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-226"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-08T19:24:59Z",
"nvd_published_at": "2026-04-08T14:16:32Z",
"severity": "HIGH"
},
"details": "## Duplicate Advisory\n\nThis advisory has been withdrawn because it is a duplicate of GHSA-r7p8-xq5m-436c. This link is maintained to preserve external references.\n\n## Original Description\nIn Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable.\n\n\nUpon returning from the initial checks, there are conditions that cause an early return from the JASPIAuthenticator code without clearing those ThreadLocals.\n\n\nA subsequent request using the same thread inherits the ThreadLocal values, leading to a broken access control and privilege escalation.",
"id": "GHSA-gc59-r5jq-98qw",
"modified": "2026-04-14T00:06:18Z",
"published": "2026-04-08T15:31:44Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-r7p8-xq5m-436c"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5795"
},
{
"type": "PACKAGE",
"url": "https://github.com/jetty/jetty.project"
},
{
"type": "WEB",
"url": "https://gitlab.eclipse.org/security/cve-assignment/-/issues/92"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Duplicate Advisory: Eclipse Jetty: Early return from the JASPIAuthenticator code can potentially no clear ThreadLocal variables",
"withdrawn": "2026-04-14T00:06:18Z"
}
GHSA-R7P8-XQ5M-436C
Vulnerability from github – Published: 2026-04-14 00:06 – Updated: 2026-04-14 00:06
VLAI?
Summary
Eclipse Jetty: Early return from the JASPIAuthenticator code can potentially no clear ThreadLocal variables
Details
Description (as reported)
A security vulnerability has been identified in Jetty's JaspiAuthenticator.java.
The root cause is a failure to consistently clear authentication metadata stored in ThreadLocal during certain error or incomplete authentication flows.
Specifically, after a GroupPrincipalCallback is persisted into the ThreadLocal, the authentication process may exit prematurely — before the ThreadLocal storage is cleared — if a mandatory CallerPrincipalCallback is missing or an exception occurs.
This allows a subsequent, unprivileged user processed by the same worker thread to inherit these residual security roles, leading to Broken Access Control and Privilege Escalation.
See also attached PDF.
Impact
An unauthenticated user may gain ungrated privileges from a previous request (privilege escalation).
Patches
No patches yet.
Workarounds
Do not use Jetty's JASPI.
Severity ?
7.4 (High)
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 12.1.7"
},
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty.ee11:jetty-ee11-jaspi"
},
"ranges": [
{
"events": [
{
"introduced": "12.1.0"
},
{
"fixed": "12.1.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 12.1.7"
},
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty.ee10:jetty-ee10-jaspi"
},
"ranges": [
{
"events": [
{
"introduced": "12.1.0"
},
{
"fixed": "12.1.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 12.1.7"
},
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty.ee9:jetty-ee9-jaspi"
},
"ranges": [
{
"events": [
{
"introduced": "12.1.0"
},
{
"fixed": "12.1.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 12.1.7"
},
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty.ee8:jetty-ee8-jaspi"
},
"ranges": [
{
"events": [
{
"introduced": "12.1.0"
},
{
"fixed": "12.1.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 12.0.33"
},
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty.ee11:jetty-ee11-jaspi"
},
"ranges": [
{
"events": [
{
"introduced": "12.0.0"
},
{
"fixed": "12.0.34"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 12.0.33"
},
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty.ee10:jetty-ee10-jaspi"
},
"ranges": [
{
"events": [
{
"introduced": "12.0.0"
},
{
"fixed": "12.0.34"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 12.0.33"
},
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty.ee9:jetty-ee9-jaspi"
},
"ranges": [
{
"events": [
{
"introduced": "12.0.0"
},
{
"fixed": "12.0.34"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 12.0.33"
},
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty.ee8:jetty-ee8-jaspi"
},
"ranges": [
{
"events": [
{
"introduced": "12.0.0"
},
{
"fixed": "12.0.34"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 11.0.28"
},
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty:jetty-jaspi"
},
"ranges": [
{
"events": [
{
"introduced": "11.0.0"
},
{
"fixed": "11.0.29"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 10.0.28"
},
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty:jetty-jaspi"
},
"ranges": [
{
"events": [
{
"introduced": "10.0.0"
},
{
"fixed": "10.0.29"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 9.4.60"
},
"package": {
"ecosystem": "Maven",
"name": "org.eclipse.jetty:jetty-jaspi"
},
"ranges": [
{
"events": [
{
"introduced": "9.4.0"
},
{
"fixed": "9.4.61"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-5795"
],
"database_specific": {
"cwe_ids": [
"CWE-226",
"CWE-287"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-14T00:06:27Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "### Description (as reported)\n\nA security vulnerability has been identified in Jetty\u0027s `JaspiAuthenticator.java`. \n\nThe root cause is a failure to consistently clear authentication metadata stored in `ThreadLocal` during certain error or incomplete authentication flows. \nSpecifically, after a `GroupPrincipalCallback` is persisted into the `ThreadLocal`, the authentication process may exit prematurely \u2014 before the `ThreadLocal` storage is cleared \u2014 if a mandatory `CallerPrincipalCallback` is missing or an exception occurs. \nThis allows a subsequent, unprivileged user processed by the same worker thread to inherit these residual security roles, leading to Broken Access Control and Privilege Escalation.\n\nSee also attached PDF.\n\n### Impact\nAn unauthenticated user may gain ungrated privileges from a previous request (privilege escalation).\n\n### Patches\nNo patches yet.\n\n### Workarounds\nDo not use Jetty\u0027s JASPI.",
"id": "GHSA-r7p8-xq5m-436c",
"modified": "2026-04-14T00:06:27Z",
"published": "2026-04-14T00:06:27Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-r7p8-xq5m-436c"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5795"
},
{
"type": "PACKAGE",
"url": "https://github.com/jetty/jetty.project"
},
{
"type": "WEB",
"url": "https://github.com/user-attachments/files/26118760/JaspiAuthenticator_Security_Report.pdf"
},
{
"type": "WEB",
"url": "https://gitlab.eclipse.org/security/cve-assignment/-/issues/92"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Eclipse Jetty: Early return from the JASPIAuthenticator code can potentially no clear ThreadLocal variables"
}
OPENSUSE-SU-2026:10574-1
Vulnerability from csaf_opensuse - Published: 2026-04-18 00:00 - Updated: 2026-04-18 00:00Summary
jetty-annotations-9.4.58-4.1 on GA media
Severity
Moderate
Notes
Title of the patch: jetty-annotations-9.4.58-4.1 on GA media
Description of the patch: These are all security issues fixed in the jetty-annotations-9.4.58-4.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10574
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.4 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.4 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "jetty-annotations-9.4.58-4.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the jetty-annotations-9.4.58-4.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10574",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10574-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-2332 page",
"url": "https://www.suse.com/security/cve/CVE-2026-2332/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-5795 page",
"url": "https://www.suse.com/security/cve/CVE-2026-5795/"
}
],
"title": "jetty-annotations-9.4.58-4.1 on GA media",
"tracking": {
"current_release_date": "2026-04-18T00:00:00Z",
"generator": {
"date": "2026-04-18T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10574-1",
"initial_release_date": "2026-04-18T00:00:00Z",
"revision_history": [
{
"date": "2026-04-18T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "jetty-annotations-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-annotations-9.4.58-4.1.aarch64",
"product_id": "jetty-annotations-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-ant-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-ant-9.4.58-4.1.aarch64",
"product_id": "jetty-ant-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-cdi-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-cdi-9.4.58-4.1.aarch64",
"product_id": "jetty-cdi-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-client-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-client-9.4.58-4.1.aarch64",
"product_id": "jetty-client-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-continuation-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-continuation-9.4.58-4.1.aarch64",
"product_id": "jetty-continuation-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-deploy-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-deploy-9.4.58-4.1.aarch64",
"product_id": "jetty-deploy-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-fcgi-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-fcgi-9.4.58-4.1.aarch64",
"product_id": "jetty-fcgi-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-http-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-http-9.4.58-4.1.aarch64",
"product_id": "jetty-http-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-http-spi-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-http-spi-9.4.58-4.1.aarch64",
"product_id": "jetty-http-spi-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-io-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-io-9.4.58-4.1.aarch64",
"product_id": "jetty-io-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-jaas-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-jaas-9.4.58-4.1.aarch64",
"product_id": "jetty-jaas-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-jaspi-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-jaspi-9.4.58-4.1.aarch64",
"product_id": "jetty-jaspi-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-jmx-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-jmx-9.4.58-4.1.aarch64",
"product_id": "jetty-jmx-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-jndi-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-jndi-9.4.58-4.1.aarch64",
"product_id": "jetty-jndi-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-jsp-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-jsp-9.4.58-4.1.aarch64",
"product_id": "jetty-jsp-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-minimal-javadoc-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-minimal-javadoc-9.4.58-4.1.aarch64",
"product_id": "jetty-minimal-javadoc-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-openid-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-openid-9.4.58-4.1.aarch64",
"product_id": "jetty-openid-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-plus-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-plus-9.4.58-4.1.aarch64",
"product_id": "jetty-plus-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-project-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-project-9.4.58-4.1.aarch64",
"product_id": "jetty-project-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-proxy-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-proxy-9.4.58-4.1.aarch64",
"product_id": "jetty-proxy-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-quickstart-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-quickstart-9.4.58-4.1.aarch64",
"product_id": "jetty-quickstart-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-rewrite-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-rewrite-9.4.58-4.1.aarch64",
"product_id": "jetty-rewrite-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-security-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-security-9.4.58-4.1.aarch64",
"product_id": "jetty-security-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-server-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-server-9.4.58-4.1.aarch64",
"product_id": "jetty-server-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-servlet-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-servlet-9.4.58-4.1.aarch64",
"product_id": "jetty-servlet-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-servlets-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-servlets-9.4.58-4.1.aarch64",
"product_id": "jetty-servlets-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-start-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-start-9.4.58-4.1.aarch64",
"product_id": "jetty-start-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-util-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-util-9.4.58-4.1.aarch64",
"product_id": "jetty-util-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-util-ajax-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-util-ajax-9.4.58-4.1.aarch64",
"product_id": "jetty-util-ajax-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-webapp-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-webapp-9.4.58-4.1.aarch64",
"product_id": "jetty-webapp-9.4.58-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "jetty-xml-9.4.58-4.1.aarch64",
"product": {
"name": "jetty-xml-9.4.58-4.1.aarch64",
"product_id": "jetty-xml-9.4.58-4.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "jetty-annotations-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-annotations-9.4.58-4.1.ppc64le",
"product_id": "jetty-annotations-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-ant-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-ant-9.4.58-4.1.ppc64le",
"product_id": "jetty-ant-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-cdi-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-cdi-9.4.58-4.1.ppc64le",
"product_id": "jetty-cdi-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-client-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-client-9.4.58-4.1.ppc64le",
"product_id": "jetty-client-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-continuation-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-continuation-9.4.58-4.1.ppc64le",
"product_id": "jetty-continuation-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-deploy-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-deploy-9.4.58-4.1.ppc64le",
"product_id": "jetty-deploy-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-fcgi-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-fcgi-9.4.58-4.1.ppc64le",
"product_id": "jetty-fcgi-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-http-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-http-9.4.58-4.1.ppc64le",
"product_id": "jetty-http-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-http-spi-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-http-spi-9.4.58-4.1.ppc64le",
"product_id": "jetty-http-spi-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-io-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-io-9.4.58-4.1.ppc64le",
"product_id": "jetty-io-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-jaas-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-jaas-9.4.58-4.1.ppc64le",
"product_id": "jetty-jaas-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-jaspi-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-jaspi-9.4.58-4.1.ppc64le",
"product_id": "jetty-jaspi-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-jmx-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-jmx-9.4.58-4.1.ppc64le",
"product_id": "jetty-jmx-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-jndi-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-jndi-9.4.58-4.1.ppc64le",
"product_id": "jetty-jndi-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-jsp-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-jsp-9.4.58-4.1.ppc64le",
"product_id": "jetty-jsp-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-minimal-javadoc-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-minimal-javadoc-9.4.58-4.1.ppc64le",
"product_id": "jetty-minimal-javadoc-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-openid-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-openid-9.4.58-4.1.ppc64le",
"product_id": "jetty-openid-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-plus-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-plus-9.4.58-4.1.ppc64le",
"product_id": "jetty-plus-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-project-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-project-9.4.58-4.1.ppc64le",
"product_id": "jetty-project-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-proxy-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-proxy-9.4.58-4.1.ppc64le",
"product_id": "jetty-proxy-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-quickstart-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-quickstart-9.4.58-4.1.ppc64le",
"product_id": "jetty-quickstart-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-rewrite-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-rewrite-9.4.58-4.1.ppc64le",
"product_id": "jetty-rewrite-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-security-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-security-9.4.58-4.1.ppc64le",
"product_id": "jetty-security-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-server-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-server-9.4.58-4.1.ppc64le",
"product_id": "jetty-server-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-servlet-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-servlet-9.4.58-4.1.ppc64le",
"product_id": "jetty-servlet-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-servlets-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-servlets-9.4.58-4.1.ppc64le",
"product_id": "jetty-servlets-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-start-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-start-9.4.58-4.1.ppc64le",
"product_id": "jetty-start-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-util-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-util-9.4.58-4.1.ppc64le",
"product_id": "jetty-util-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-util-ajax-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-util-ajax-9.4.58-4.1.ppc64le",
"product_id": "jetty-util-ajax-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-webapp-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-webapp-9.4.58-4.1.ppc64le",
"product_id": "jetty-webapp-9.4.58-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "jetty-xml-9.4.58-4.1.ppc64le",
"product": {
"name": "jetty-xml-9.4.58-4.1.ppc64le",
"product_id": "jetty-xml-9.4.58-4.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "jetty-annotations-9.4.58-4.1.s390x",
"product": {
"name": "jetty-annotations-9.4.58-4.1.s390x",
"product_id": "jetty-annotations-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-ant-9.4.58-4.1.s390x",
"product": {
"name": "jetty-ant-9.4.58-4.1.s390x",
"product_id": "jetty-ant-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-cdi-9.4.58-4.1.s390x",
"product": {
"name": "jetty-cdi-9.4.58-4.1.s390x",
"product_id": "jetty-cdi-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-client-9.4.58-4.1.s390x",
"product": {
"name": "jetty-client-9.4.58-4.1.s390x",
"product_id": "jetty-client-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-continuation-9.4.58-4.1.s390x",
"product": {
"name": "jetty-continuation-9.4.58-4.1.s390x",
"product_id": "jetty-continuation-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-deploy-9.4.58-4.1.s390x",
"product": {
"name": "jetty-deploy-9.4.58-4.1.s390x",
"product_id": "jetty-deploy-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-fcgi-9.4.58-4.1.s390x",
"product": {
"name": "jetty-fcgi-9.4.58-4.1.s390x",
"product_id": "jetty-fcgi-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-http-9.4.58-4.1.s390x",
"product": {
"name": "jetty-http-9.4.58-4.1.s390x",
"product_id": "jetty-http-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-http-spi-9.4.58-4.1.s390x",
"product": {
"name": "jetty-http-spi-9.4.58-4.1.s390x",
"product_id": "jetty-http-spi-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-io-9.4.58-4.1.s390x",
"product": {
"name": "jetty-io-9.4.58-4.1.s390x",
"product_id": "jetty-io-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-jaas-9.4.58-4.1.s390x",
"product": {
"name": "jetty-jaas-9.4.58-4.1.s390x",
"product_id": "jetty-jaas-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-jaspi-9.4.58-4.1.s390x",
"product": {
"name": "jetty-jaspi-9.4.58-4.1.s390x",
"product_id": "jetty-jaspi-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-jmx-9.4.58-4.1.s390x",
"product": {
"name": "jetty-jmx-9.4.58-4.1.s390x",
"product_id": "jetty-jmx-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-jndi-9.4.58-4.1.s390x",
"product": {
"name": "jetty-jndi-9.4.58-4.1.s390x",
"product_id": "jetty-jndi-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-jsp-9.4.58-4.1.s390x",
"product": {
"name": "jetty-jsp-9.4.58-4.1.s390x",
"product_id": "jetty-jsp-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-minimal-javadoc-9.4.58-4.1.s390x",
"product": {
"name": "jetty-minimal-javadoc-9.4.58-4.1.s390x",
"product_id": "jetty-minimal-javadoc-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-openid-9.4.58-4.1.s390x",
"product": {
"name": "jetty-openid-9.4.58-4.1.s390x",
"product_id": "jetty-openid-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-plus-9.4.58-4.1.s390x",
"product": {
"name": "jetty-plus-9.4.58-4.1.s390x",
"product_id": "jetty-plus-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-project-9.4.58-4.1.s390x",
"product": {
"name": "jetty-project-9.4.58-4.1.s390x",
"product_id": "jetty-project-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-proxy-9.4.58-4.1.s390x",
"product": {
"name": "jetty-proxy-9.4.58-4.1.s390x",
"product_id": "jetty-proxy-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-quickstart-9.4.58-4.1.s390x",
"product": {
"name": "jetty-quickstart-9.4.58-4.1.s390x",
"product_id": "jetty-quickstart-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-rewrite-9.4.58-4.1.s390x",
"product": {
"name": "jetty-rewrite-9.4.58-4.1.s390x",
"product_id": "jetty-rewrite-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-security-9.4.58-4.1.s390x",
"product": {
"name": "jetty-security-9.4.58-4.1.s390x",
"product_id": "jetty-security-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-server-9.4.58-4.1.s390x",
"product": {
"name": "jetty-server-9.4.58-4.1.s390x",
"product_id": "jetty-server-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-servlet-9.4.58-4.1.s390x",
"product": {
"name": "jetty-servlet-9.4.58-4.1.s390x",
"product_id": "jetty-servlet-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-servlets-9.4.58-4.1.s390x",
"product": {
"name": "jetty-servlets-9.4.58-4.1.s390x",
"product_id": "jetty-servlets-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-start-9.4.58-4.1.s390x",
"product": {
"name": "jetty-start-9.4.58-4.1.s390x",
"product_id": "jetty-start-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-util-9.4.58-4.1.s390x",
"product": {
"name": "jetty-util-9.4.58-4.1.s390x",
"product_id": "jetty-util-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-util-ajax-9.4.58-4.1.s390x",
"product": {
"name": "jetty-util-ajax-9.4.58-4.1.s390x",
"product_id": "jetty-util-ajax-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-webapp-9.4.58-4.1.s390x",
"product": {
"name": "jetty-webapp-9.4.58-4.1.s390x",
"product_id": "jetty-webapp-9.4.58-4.1.s390x"
}
},
{
"category": "product_version",
"name": "jetty-xml-9.4.58-4.1.s390x",
"product": {
"name": "jetty-xml-9.4.58-4.1.s390x",
"product_id": "jetty-xml-9.4.58-4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "jetty-annotations-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-annotations-9.4.58-4.1.x86_64",
"product_id": "jetty-annotations-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-ant-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-ant-9.4.58-4.1.x86_64",
"product_id": "jetty-ant-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-cdi-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-cdi-9.4.58-4.1.x86_64",
"product_id": "jetty-cdi-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-client-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-client-9.4.58-4.1.x86_64",
"product_id": "jetty-client-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-continuation-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-continuation-9.4.58-4.1.x86_64",
"product_id": "jetty-continuation-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-deploy-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-deploy-9.4.58-4.1.x86_64",
"product_id": "jetty-deploy-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-fcgi-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-fcgi-9.4.58-4.1.x86_64",
"product_id": "jetty-fcgi-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-http-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-http-9.4.58-4.1.x86_64",
"product_id": "jetty-http-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-http-spi-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-http-spi-9.4.58-4.1.x86_64",
"product_id": "jetty-http-spi-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-io-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-io-9.4.58-4.1.x86_64",
"product_id": "jetty-io-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-jaas-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-jaas-9.4.58-4.1.x86_64",
"product_id": "jetty-jaas-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-jaspi-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-jaspi-9.4.58-4.1.x86_64",
"product_id": "jetty-jaspi-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-jmx-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-jmx-9.4.58-4.1.x86_64",
"product_id": "jetty-jmx-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-jndi-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-jndi-9.4.58-4.1.x86_64",
"product_id": "jetty-jndi-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-jsp-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-jsp-9.4.58-4.1.x86_64",
"product_id": "jetty-jsp-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-minimal-javadoc-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-minimal-javadoc-9.4.58-4.1.x86_64",
"product_id": "jetty-minimal-javadoc-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-openid-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-openid-9.4.58-4.1.x86_64",
"product_id": "jetty-openid-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-plus-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-plus-9.4.58-4.1.x86_64",
"product_id": "jetty-plus-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-project-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-project-9.4.58-4.1.x86_64",
"product_id": "jetty-project-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-proxy-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-proxy-9.4.58-4.1.x86_64",
"product_id": "jetty-proxy-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-quickstart-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-quickstart-9.4.58-4.1.x86_64",
"product_id": "jetty-quickstart-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-rewrite-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-rewrite-9.4.58-4.1.x86_64",
"product_id": "jetty-rewrite-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-security-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-security-9.4.58-4.1.x86_64",
"product_id": "jetty-security-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-server-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-server-9.4.58-4.1.x86_64",
"product_id": "jetty-server-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-servlet-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-servlet-9.4.58-4.1.x86_64",
"product_id": "jetty-servlet-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-servlets-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-servlets-9.4.58-4.1.x86_64",
"product_id": "jetty-servlets-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-start-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-start-9.4.58-4.1.x86_64",
"product_id": "jetty-start-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-util-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-util-9.4.58-4.1.x86_64",
"product_id": "jetty-util-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-util-ajax-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-util-ajax-9.4.58-4.1.x86_64",
"product_id": "jetty-util-ajax-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-webapp-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-webapp-9.4.58-4.1.x86_64",
"product_id": "jetty-webapp-9.4.58-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "jetty-xml-9.4.58-4.1.x86_64",
"product": {
"name": "jetty-xml-9.4.58-4.1.x86_64",
"product_id": "jetty-xml-9.4.58-4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-annotations-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-annotations-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-annotations-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-annotations-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-annotations-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.s390x"
},
"product_reference": "jetty-annotations-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-annotations-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-annotations-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-ant-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-ant-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-ant-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-ant-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-ant-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.s390x"
},
"product_reference": "jetty-ant-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-ant-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-ant-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-cdi-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-cdi-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-cdi-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-cdi-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-cdi-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.s390x"
},
"product_reference": "jetty-cdi-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-cdi-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-cdi-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-client-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-client-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-client-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-client-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-client-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-client-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-client-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-client-9.4.58-4.1.s390x"
},
"product_reference": "jetty-client-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-client-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-client-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-client-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-continuation-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-continuation-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-continuation-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-continuation-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-continuation-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.s390x"
},
"product_reference": "jetty-continuation-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-continuation-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-continuation-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-deploy-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-deploy-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-deploy-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-deploy-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-deploy-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.s390x"
},
"product_reference": "jetty-deploy-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-deploy-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-deploy-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-fcgi-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-fcgi-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-fcgi-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-fcgi-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-fcgi-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.s390x"
},
"product_reference": "jetty-fcgi-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-fcgi-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-fcgi-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-http-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-http-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-http-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-http-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-http-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-http-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-http-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-http-9.4.58-4.1.s390x"
},
"product_reference": "jetty-http-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-http-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-http-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-http-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-http-spi-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-http-spi-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-http-spi-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-http-spi-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-http-spi-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.s390x"
},
"product_reference": "jetty-http-spi-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-http-spi-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-http-spi-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-io-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-io-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-io-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-io-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-io-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-io-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-io-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-io-9.4.58-4.1.s390x"
},
"product_reference": "jetty-io-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-io-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-io-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-io-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jaas-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-jaas-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jaas-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-jaas-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jaas-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.s390x"
},
"product_reference": "jetty-jaas-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jaas-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-jaas-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jaspi-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-jaspi-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jaspi-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-jaspi-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jaspi-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.s390x"
},
"product_reference": "jetty-jaspi-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jaspi-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-jaspi-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jmx-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-jmx-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jmx-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-jmx-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jmx-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.s390x"
},
"product_reference": "jetty-jmx-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jmx-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-jmx-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jndi-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-jndi-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jndi-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-jndi-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jndi-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.s390x"
},
"product_reference": "jetty-jndi-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jndi-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-jndi-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jsp-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-jsp-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jsp-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-jsp-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jsp-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.s390x"
},
"product_reference": "jetty-jsp-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-jsp-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-jsp-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-minimal-javadoc-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-minimal-javadoc-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-minimal-javadoc-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-minimal-javadoc-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-minimal-javadoc-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.s390x"
},
"product_reference": "jetty-minimal-javadoc-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-minimal-javadoc-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-minimal-javadoc-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-openid-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-openid-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-openid-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-openid-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-openid-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.s390x"
},
"product_reference": "jetty-openid-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-openid-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-openid-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-plus-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-plus-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-plus-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-plus-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-plus-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.s390x"
},
"product_reference": "jetty-plus-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-plus-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-plus-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-project-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-project-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-project-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-project-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-project-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-project-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-project-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-project-9.4.58-4.1.s390x"
},
"product_reference": "jetty-project-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-project-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-project-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-project-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-proxy-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-proxy-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-proxy-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-proxy-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-proxy-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.s390x"
},
"product_reference": "jetty-proxy-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-proxy-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-proxy-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-quickstart-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-quickstart-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-quickstart-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-quickstart-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-quickstart-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.s390x"
},
"product_reference": "jetty-quickstart-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-quickstart-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-quickstart-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-rewrite-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-rewrite-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-rewrite-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-rewrite-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-rewrite-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.s390x"
},
"product_reference": "jetty-rewrite-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-rewrite-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-rewrite-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-security-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-security-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-security-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-security-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-security-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-security-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-security-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-security-9.4.58-4.1.s390x"
},
"product_reference": "jetty-security-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-security-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-security-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-security-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-server-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-server-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-server-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-server-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-server-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-server-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-server-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-server-9.4.58-4.1.s390x"
},
"product_reference": "jetty-server-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-server-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-server-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-server-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-servlet-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-servlet-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-servlet-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-servlet-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-servlet-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.s390x"
},
"product_reference": "jetty-servlet-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-servlet-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-servlet-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-servlets-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-servlets-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-servlets-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-servlets-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-servlets-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.s390x"
},
"product_reference": "jetty-servlets-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-servlets-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-servlets-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-start-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-start-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-start-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-start-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-start-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-start-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-start-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-start-9.4.58-4.1.s390x"
},
"product_reference": "jetty-start-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-start-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-start-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-start-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-util-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-util-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-util-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-util-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-util-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-util-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-util-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-util-9.4.58-4.1.s390x"
},
"product_reference": "jetty-util-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-util-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-util-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-util-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-util-ajax-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-util-ajax-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-util-ajax-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-util-ajax-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-util-ajax-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.s390x"
},
"product_reference": "jetty-util-ajax-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-util-ajax-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-util-ajax-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-webapp-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-webapp-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-webapp-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-webapp-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-webapp-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.s390x"
},
"product_reference": "jetty-webapp-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-webapp-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-webapp-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-xml-9.4.58-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.aarch64"
},
"product_reference": "jetty-xml-9.4.58-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-xml-9.4.58-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.ppc64le"
},
"product_reference": "jetty-xml-9.4.58-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-xml-9.4.58-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.s390x"
},
"product_reference": "jetty-xml-9.4.58-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jetty-xml-9.4.58-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.x86_64"
},
"product_reference": "jetty-xml-9.4.58-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-2332",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-2332"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the \"funky chunks\" techniques outlined here:\n * https://w4ke.info/2025/06/18/funky-chunks.html\n\n * https://w4ke.info/2025/10/29/funky-chunks-2.html\n\n\nJetty terminates chunk extension parsing at \\r\\n inside quoted strings instead of treating this as an error.\n\n\nPOST / HTTP/1.1\nHost: localhost\nTransfer-Encoding: chunked\n\n1;ext=\"val\nX\n0\n\nGET /smuggled HTTP/1.1\n...\n\n\n\n\n\nNote how the chunk extension does not close the double quotes, and it is able to inject a smuggled request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-2332",
"url": "https://www.suse.com/security/cve/CVE-2026-2332"
},
{
"category": "external",
"summary": "SUSE Bug 1262115 for CVE-2026-2332",
"url": "https://bugzilla.suse.com/1262115"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-18T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-2332"
},
{
"cve": "CVE-2026-5795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-5795"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable.\n\n\nUpon returning from the initial checks, there are conditions that cause an early return from the JASPIAuthenticator code without clearing those ThreadLocals.\n\n\nA subsequent request using the same thread inherits the ThreadLocal values, leading to a broken access control and privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-5795",
"url": "https://www.suse.com/security/cve/CVE-2026-5795"
},
{
"category": "external",
"summary": "SUSE Bug 1261997 for CVE-2026-5795",
"url": "https://bugzilla.suse.com/1261997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-annotations-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-ant-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-cdi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-client-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-continuation-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-deploy-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-fcgi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-http-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-http-spi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-io-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jaas-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jaspi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jmx-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jndi-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-jsp-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-minimal-javadoc-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-openid-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-plus-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-project-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-proxy-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-quickstart-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-rewrite-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-security-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-server-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-servlet-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-servlets-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-start-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-util-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-util-ajax-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-webapp-9.4.58-4.1.x86_64",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.aarch64",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.ppc64le",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.s390x",
"openSUSE Tumbleweed:jetty-xml-9.4.58-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-18T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-5795"
}
]
}
FKIE_CVE-2026-5795
Vulnerability from fkie_nvd - Published: 2026-04-08 14:16 - Updated: 2026-04-23 11:54
Severity ?
Summary
In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable.
Upon returning from the initial checks, there are conditions that cause an early return from the JASPIAuthenticator code without clearing those ThreadLocals.
A subsequent request using the same thread inherits the ThreadLocal values, leading to a broken access control and privilege escalation.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6BB4322-1158-46D7-8A04-2B4FBC3941A4",
"versionEndIncluding": "9.4.58",
"versionStartIncluding": "9.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56F09A5B-49C1-406A-B4F6-D6F2D3FA660E",
"versionEndIncluding": "10.0.26",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1CFB36-11A3-449E-BDDF-7837CE9E1511",
"versionEndIncluding": "11.0.26",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF5EEDA-C7D3-41A7-824F-E8CA0402C3B5",
"versionEndExcluding": "12.0.34",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A3BA101-07D6-4DE1-A258-A60679A178FB",
"versionEndExcluding": "12.1.8",
"versionStartIncluding": "12.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable.\n\n\nUpon returning from the initial checks, there are conditions that cause an early return from the JASPIAuthenticator code without clearing those ThreadLocals.\n\n\nA subsequent request using the same thread inherits the ThreadLocal values, leading to a broken access control and privilege escalation."
}
],
"id": "CVE-2026-5795",
"lastModified": "2026-04-23T11:54:04.517",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "emo@eclipse.org",
"type": "Secondary"
}
]
},
"published": "2026-04-08T14:16:32.633",
"references": [
{
"source": "emo@eclipse.org",
"tags": [
"Broken Link"
],
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-r7p8-xq5m-436chttps://"
},
{
"source": "emo@eclipse.org",
"tags": [
"Broken Link"
],
"url": "https://gitlab.eclipse.org/security/cve-assignment/-/issues/92"
}
],
"sourceIdentifier": "emo@eclipse.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-226"
},
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "emo@eclipse.org",
"type": "Primary"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…