csaf_suse - suse-su-2020:3922-1

SUSE-SU-2020:3922-1

Vulnerability from csaf_suse - Published: 2020-12-22 14:20 - Updated: 2020-12-22 14:20

Summary

Security update for jetty-minimal

Notes

Title of the patch

Security update for jetty-minimal

Description of the patch

This update for jetty-minimal fixes the following issues: - jetty-minimal was upgraded to version 9.4.35.v20201120 - CVE-2020-27218: Fixed an issue where buffer not correctly recycled in Gzip Request inflation (bsc#1179727).

Patchnames

SUSE-2020-3922,SUSE-SLE-Module-Development-Tools-15-SP2-2020-3922

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for jetty-minimal",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for jetty-minimal fixes the following issues:\n\n- jetty-minimal was upgraded to version 9.4.35.v20201120\n- CVE-2020-27218: Fixed an issue where buffer not correctly recycled in Gzip Request inflation (bsc#1179727).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2020-3922,SUSE-SLE-Module-Development-Tools-15-SP2-2020-3922",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3922-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2020:3922-1",
        "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203922-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2020:3922-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2020-December/008114.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1179727",
        "url": "https://bugzilla.suse.com/1179727"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-27218 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-27218/"
      }
    ],
    "title": "Security update for jetty-minimal",
    "tracking": {
      "current_release_date": "2020-12-22T14:20:51Z",
      "generator": {
        "date": "2020-12-22T14:20:51Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2020:3922-1",
      "initial_release_date": "2020-12-22T14:20:51Z",
      "revision_history": [
        {
          "date": "2020-12-22T14:20:51Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jetty-annotations-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-annotations-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-annotations-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-client-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-client-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-client-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-continuation-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-continuation-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-continuation-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-http-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-http-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-http-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-io-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-io-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-io-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jaas-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-jaas-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-jaas-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-javax-websocket-client-impl-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-javax-websocket-client-impl-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-javax-websocket-client-impl-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-javax-websocket-server-impl-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-javax-websocket-server-impl-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-javax-websocket-server-impl-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jmx-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-jmx-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-jmx-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jndi-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-jndi-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-jndi-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-jsp-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-jsp-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-jsp-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-minimal-javadoc-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-minimal-javadoc-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-minimal-javadoc-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-openid-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-openid-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-openid-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-plus-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-plus-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-plus-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-proxy-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-proxy-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-proxy-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-security-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-security-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-security-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-server-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-server-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-server-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-servlet-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-servlet-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-servlet-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-util-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-util-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-util-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-util-ajax-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-util-ajax-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-util-ajax-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-webapp-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-webapp-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-webapp-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-websocket-api-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-websocket-api-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-websocket-api-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-websocket-client-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-websocket-client-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-websocket-client-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-websocket-common-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-websocket-common-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-websocket-common-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-websocket-javadoc-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-websocket-javadoc-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-websocket-javadoc-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-websocket-server-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-websocket-server-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-websocket-server-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-websocket-servlet-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-websocket-servlet-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-websocket-servlet-9.4.35-3.3.4.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jetty-xml-9.4.35-3.3.4.noarch",
                "product": {
                  "name": "jetty-xml-9.4.35-3.3.4.noarch",
                  "product_id": "jetty-xml-9.4.35-3.3.4.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP2",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP2",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-http-9.4.35-3.3.4.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-http-9.4.35-3.3.4.noarch"
        },
        "product_reference": "jetty-http-9.4.35-3.3.4.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-io-9.4.35-3.3.4.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-io-9.4.35-3.3.4.noarch"
        },
        "product_reference": "jetty-io-9.4.35-3.3.4.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-security-9.4.35-3.3.4.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-security-9.4.35-3.3.4.noarch"
        },
        "product_reference": "jetty-security-9.4.35-3.3.4.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-server-9.4.35-3.3.4.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-server-9.4.35-3.3.4.noarch"
        },
        "product_reference": "jetty-server-9.4.35-3.3.4.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-servlet-9.4.35-3.3.4.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-servlet-9.4.35-3.3.4.noarch"
        },
        "product_reference": "jetty-servlet-9.4.35-3.3.4.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-util-9.4.35-3.3.4.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-util-9.4.35-3.3.4.noarch"
        },
        "product_reference": "jetty-util-9.4.35-3.3.4.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jetty-util-ajax-9.4.35-3.3.4.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP2",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-util-ajax-9.4.35-3.3.4.noarch"
        },
        "product_reference": "jetty-util-ajax-9.4.35-3.3.4.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-27218",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-27218"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-http-9.4.35-3.3.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-io-9.4.35-3.3.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-security-9.4.35-3.3.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-server-9.4.35-3.3.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-servlet-9.4.35-3.3.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-util-9.4.35-3.3.4.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-util-ajax-9.4.35-3.3.4.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-27218",
          "url": "https://www.suse.com/security/cve/CVE-2020-27218"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1179727 for CVE-2020-27218",
          "url": "https://bugzilla.suse.com/1179727"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-http-9.4.35-3.3.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-io-9.4.35-3.3.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-security-9.4.35-3.3.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-server-9.4.35-3.3.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-servlet-9.4.35-3.3.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-util-9.4.35-3.3.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-util-ajax-9.4.35-3.3.4.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-http-9.4.35-3.3.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-io-9.4.35-3.3.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-security-9.4.35-3.3.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-server-9.4.35-3.3.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-servlet-9.4.35-3.3.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-util-9.4.35-3.3.4.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP2:jetty-util-ajax-9.4.35-3.3.4.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-12-22T14:20:51Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-27218"
    }
  ]
}

CVE-2020-27218 (GCVE-0-2020-27218)

Vulnerability from cvelistv5 – Published: 2020-11-28 00:00 – Updated: 2024-08-04 16:11

Summary

In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request.

Severity ?

No CVSS data available.

CWE

CWE-226 - Sensitive Information in Resource Not Removed Before Reuse

Assigner

eclipse

References

URL

Tags

	https://bugs.eclipse.org/bugs/show_bug.cgi?id=568892
	https://github.com/eclipse/jetty.project/security…
	https://lists.apache.org/thread.html/r6d5bb60a13e…	mailing-list
	https://lists.apache.org/thread.html/r8fee46fd9f1…	mailing-list
	https://lists.apache.org/thread.html/rbc5a8d7a0a1…	mailing-list
	https://lists.apache.org/thread.html/r8c839a0d88c…	mailing-list
	https://lists.apache.org/thread.html/r22776d06582…	mailing-list
	https://lists.apache.org/thread.html/rfa8879a7134…	mailing-list
	https://lists.apache.org/thread.html/re86a6ba09dc…	mailing-list
	https://lists.apache.org/thread.html/r23ce6b8965e…	mailing-list
	https://lists.apache.org/thread.html/r4981622ba15…	mailing-list
	https://lists.apache.org/thread.html/re03a5661144…	mailing-list
	https://lists.apache.org/thread.html/r9f571b08696…	mailing-list
	https://lists.apache.org/thread.html/ree677ff289b…	mailing-list
	https://lists.apache.org/thread.html/r1dd302323c6…	mailing-list
	https://lists.apache.org/thread.html/rdde0ad0a03e…	mailing-list
	https://lists.apache.org/thread.html/r602683484f6…	mailing-list
	https://lists.apache.org/thread.html/rb8f413dc923…	mailing-list
	https://lists.apache.org/thread.html/rde11c433675…	mailing-list
	https://lists.apache.org/thread.html/rc0e35f4e8a8…	mailing-list
	https://lists.apache.org/thread.html/r8f5b144e7a7…	mailing-list
	https://lists.apache.org/thread.html/rd0e44e8ef71…	mailing-list
	https://lists.apache.org/thread.html/r821bbffb64d…	mailing-list
	https://lists.apache.org/thread.html/r964d226dd08…	mailing-list
	https://lists.apache.org/thread.html/r70940cb3035…	mailing-list
	https://lists.apache.org/thread.html/r5e5cb33b545…	mailing-list
	https://lists.apache.org/thread.html/r9d7a86fb0b4…	mailing-list
	https://lists.apache.org/thread.html/r8be8c6f0e40…	mailing-list
	https://lists.apache.org/thread.html/rc1de630c6ed…	mailing-list
	https://lists.apache.org/thread.html/r46589f4228a…	mailing-list
	https://lists.apache.org/thread.html/rc91c405c08b…	mailing-list
	https://lists.apache.org/thread.html/r2a57c7bbf36…	mailing-list
	https://lists.apache.org/thread.html/r3d43529452c…	mailing-list
	https://lists.apache.org/thread.html/r186748e676e…	mailing-list
	https://lists.apache.org/thread.html/rce9e232a663…	mailing-list
	https://lists.apache.org/thread.html/re9214a4232b…	mailing-list
	https://lists.apache.org/thread.html/r8b2271909da…	mailing-list
	https://lists.apache.org/thread.html/r3807b1c5406…	mailing-list
	https://lists.apache.org/thread.html/r2f168fd22c0…	mailing-list
	https://lists.apache.org/thread.html/r078c1203e48…	mailing-list
	https://lists.apache.org/thread.html/rccc7ba8c51d…	mailing-list
	https://lists.apache.org/thread.html/r2ffe719224c…	mailing-list
	https://lists.apache.org/thread.html/re4e67541a0a…	mailing-list
	https://lists.apache.org/thread.html/r96ef6d20c5b…	mailing-list
	https://lists.apache.org/thread.html/rcbc408088ae…	mailing-list
	https://lists.apache.org/thread.html/re4ae7ada52c…	mailing-list
	https://lists.apache.org/thread.html/r3554a4f192d…	mailing-list
	https://lists.apache.org/thread.html/racd55c9b704…	mailing-list
	https://lists.apache.org/thread.html/r7d37d33f2d6…	mailing-list
	https://lists.apache.org/thread.html/r00858fe27ee…	mailing-list
	https://lists.apache.org/thread.html/r489dfc3e259…	mailing-list
	https://lists.apache.org/thread.html/rbe3f2e0a3c3…	mailing-list
	https://lists.apache.org/thread.html/r51ec0120b6c…	mailing-list
	https://lists.apache.org/thread.html/r306c8e5aad1…	mailing-list
	https://lists.apache.org/thread.html/r0d2de2ab555…	mailing-list
	https://lists.apache.org/thread.html/r5464405909e…	mailing-list
	https://lists.apache.org/thread.html/r25a47cd0675…	mailing-list
	https://lists.apache.org/thread.html/rdbdbb4e51f8…	mailing-list
	https://lists.apache.org/thread.html/rba4bca48d2c…	mailing-list
	https://lists.apache.org/thread.html/reb75282901d…	mailing-list
	https://lists.apache.org/thread.html/ra09a653997c…	mailing-list
	https://lists.apache.org/thread.html/r870bc5e6e35…	mailing-list
	https://lists.apache.org/thread.html/rf31e24700f7…	mailing-list
	https://lists.apache.org/thread.html/r8c22aad0711…	mailing-list
	https://lists.apache.org/thread.html/r32a25679d97…	mailing-list
	https://lists.apache.org/thread.html/racf9e6ad248…	mailing-list
	https://lists.apache.org/thread.html/r2a541f08bf5…	mailing-list
	https://lists.apache.org/thread.html/r4aff5ca6bc9…	mailing-list
	https://lists.apache.org/thread.html/r850d1d04137…	mailing-list
	https://lists.apache.org/thread.html/rcf7b5818f71…	mailing-list
	https://lists.apache.org/thread.html/r5c64173663c…	mailing-list
	https://lists.apache.org/thread.html/r543ea0a861a…	mailing-list
	https://lists.apache.org/thread.html/r74ab0f5a5f1…	mailing-list
	https://lists.apache.org/thread.html/r8eea4c7797e…	mailing-list
	https://lists.apache.org/thread.html/r500e22d0aed…	mailing-list
	https://lists.apache.org/thread.html/r94230f46b91…	mailing-list
	https://lists.apache.org/thread.html/r01806ad8c9c…	mailing-list
	https://lists.apache.org/thread.html/r8ed14a84656…	mailing-list
	https://lists.apache.org/thread.html/r706562cbbdd…	mailing-list
	https://lists.apache.org/thread.html/r6493e43007f…	mailing-list
	https://lists.apache.org/thread.html/r15500b77c52…	mailing-list
	https://lists.apache.org/thread.html/r81f82ab8ecb…	mailing-list
	https://lists.apache.org/thread.html/rd9a96042974…	mailing-list
	https://lists.apache.org/thread.html/r3b7c8bc7a1c…	mailing-list
	https://lists.apache.org/thread.html/re3918edd403…	mailing-list
	https://lists.apache.org/thread.html/r9b465058687…	mailing-list
	https://lists.apache.org/thread.html/rf0181750e32…	mailing-list
	https://lists.apache.org/thread.html/rf273267fa2e…	mailing-list
	https://lists.apache.org/thread.html/rb6a3866c02a…	mailing-list
	https://lists.apache.org/thread.html/r39f1b1be8e5…	mailing-list
	https://lists.apache.org/thread.html/re014afaa14f…	mailing-list
	https://lists.apache.org/thread.html/r153fbefc27a…	mailing-list
	https://lists.apache.org/thread.html/r7669dab41f2…	mailing-list
	https://lists.apache.org/thread.html/r4b2e7417a76…	mailing-list
	https://lists.apache.org/thread.html/rb4ca79d1af5…	mailing-list
	https://lists.apache.org/thread.html/rd20651e102c…	mailing-list
	https://lists.apache.org/thread.html/r391d20ab6ec…	mailing-list
	https://lists.apache.org/thread.html/rbea4d456d88…	mailing-list
	https://lists.apache.org/thread.html/rbbd003149f9…	mailing-list
	https://lists.apache.org/thread.html/r05b7ffde2b8…	mailing-list
	https://lists.apache.org/thread.html/r990e0296b18…	mailing-list
	https://lists.apache.org/thread.html/r942e21ee90e…	mailing-list
	https://lists.apache.org/thread.html/r66456df852d…	mailing-list
	https://lists.apache.org/thread.html/r380e9257bac…	mailing-list
	https://lists.apache.org/thread.html/r2fda4dab730…	mailing-list
	https://lists.apache.org/thread.html/rd8e24a3e482…	mailing-list
	https://lists.apache.org/thread.html/r352e40ca987…	mailing-list
	https://www.oracle.com/security-alerts/cpuApr2021.html
	https://security.netapp.com/advisory/ntap-2020121…
	https://lists.apache.org/thread.html/r769e1ba36c6…
	https://lists.apache.org/thread.html/rc2b603b7fa7…
	https://lists.apache.org/thread.html/ra1c234f0458…
	https://lists.apache.org/thread.html/rfa34d2a3e42…
	https://www.oracle.com//security-alerts/cpujul2021.html
	https://www.oracle.com/security-alerts/cpuoct2021.html
	https://www.oracle.com/security-alerts/cpuapr2022.html
	https://lists.debian.org/debian-lts-announce/2023…	mailing-list

Impacted products

	Vendor	Product	Version
	The Eclipse Foundation	Eclipse Jetty	Affected: 9.4.0.RC0 to 9.4.34.v20201102 Affected: 10.0.0.alpha0 to 10.0.0.beta2 Affected: 11.0.0.alpha0 to 11.0.0.beta2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:11:36.083Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=568892"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-86wm-rrjm-8wh8"
          },
          {
            "name": "[zookeeper-notifications] 20201205 [GitHub] [zookeeper] ztzg opened a new pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r6d5bb60a13e8b539600f86cb72097967b951de5c7ef1e4005cda74a7%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201205 [GitHub] [zookeeper] phunt commented on a change in pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r8fee46fd9f1254150cc55eecf1ea6a448fca1f7cf1d1e7f9c4803fdb%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-issues] 20201205 [jira] [Updated] (ZOOKEEPER-4023) dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rbc5a8d7a0a13bc8152d427a7e9097cdeb139c6cfe111b2f00f26d16b%40%3Cissues.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201205 [GitHub] [zookeeper] ztzg commented on a change in pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r8c839a0d88cd6504abbe72c260371094f47014b2ba08d8d2c0232e3c%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201205 [GitHub] [zookeeper] ztzg opened a new pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r22776d06582985cca5bd2a92519a2b13b4cae2d8e087318da03c036d%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201205 [GitHub] [zookeeper] ztzg opened a new pull request #1553: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rfa8879a713480b206c152334419499e6af0878c36217abcc9ab4f0d1%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201205 [GitHub] [zookeeper] ztzg commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/re86a6ba09dc74e709db843e3561ead923c8fd1cba32343656dd8c44b%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-issues] 20201206 [jira] [Updated] (ZOOKEEPER-4023) dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r23ce6b8965e30808daa77a80fcd69833b1fc632d80465d0419eff619%40%3Cissues.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201206 [GitHub] [zookeeper] nkalmar commented on pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r4981622ba15e8be1657d30b7c85044c7aabe89751fa7324f8604b834%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201206 [GitHub] [zookeeper] nkalmar commented on a change in pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/re03a566114435a8cc8eb72158242b0f560c5eeccbb4ee98d22de8373%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201206 [GitHub] [zookeeper] ztzg commented on a change in pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9f571b086965b35d4e91e47fb67c27b42b62762248b4900ba723599f%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201206 [GitHub] [zookeeper] ztzg commented on pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/ree677ff289ba9a90850f2e3ba7279555df1a170263ba39c5272db236%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201207 [GitHub] [zookeeper] ztzg commented on a change in pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r1dd302323c6fe1a542d0371de66a484918fa6c2831ae70d924974bea%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201207 [GitHub] [zookeeper] nkalmar commented on pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rdde0ad0a03eec962c56b46e70e225918ea2368dcc3fd3488741fad53%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201207 [GitHub] [zookeeper] nkalmar edited a comment on pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r602683484f607cd1b9598caf3e549fbb01c43fd46a582a32cc3bb545%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201207 [GitHub] [zookeeper] nkalmar commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rb8f413dc923070919b09db3ac87d079a2dcc6f0adfbb029e206a7930%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-dev] 20201208 Re: [VOTE] Apache ZooKeeper release 3.5.9 candidate 0",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rde11c433675143d8d27551c3d9e821fe1955f1551a518033d3716553%40%3Cdev.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201211 [GitHub] [zookeeper] nkalmar commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rc0e35f4e8a8a36127e3ae7a67f325a3a6a4dbe05034130fb04b6f3b6%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201215 [GitHub] [zookeeper] phunt commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r8f5b144e7a7c2b338f01139d891abbaba12a8173ee01110d21bd0b4d%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[pulsar-commits] 20201215 [GitHub] [pulsar] yanshuchong opened a new issue #8967: CVSS issue list",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg closed pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r821bbffb64da0f062b4e72d1aa600b91e26bc82a28298ab159121215%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-commits] 20201224 [zookeeper] branch master updated: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r964d226dd08527fddd7a44410c50daa9d34d398e5c4793f1d7e19da8%40%3Ccommits.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r70940cb30356642f0c49af49259680d6bd866f51c4e8de0f8a498fb0%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201224 [GitHub] [zookeeper] eolivelli commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r5e5cb33b545548ec4684d33bd88b05a0ae89c4d7cac93eb63255f58f%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg closed pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9d7a86fb0b45e5b1855d4df83a5820eef813d55eae3edf224f3d5055%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg commented on pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r8be8c6f0e404a3179d988eb8afed03ede5f2d5ce986d3f709fb82610%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-issues] 20201224 [jira] [Resolved] (ZOOKEEPER-4023) dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rc1de630c6ed9a958d9f811e816d6d8efb6ca94aed0869bc5cda9d7f8%40%3Cissues.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg commented on pull request #1553: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r46589f4228aabd5fb16135ff5bef0f77f06cdef64f9785ac3349fa02%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg closed pull request #1553: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rc91c405c08b529b7292c75d9bd497849db700a1297fe3432990f6774%40%3Cnotifications.zookeeper.apache.org%3E"
          },
          {
            "name": "[zookeeper-commits] 20210106 [zookeeper] branch branch-3.5.9 updated: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r2a57c7bbf36afc87f8ad9e1dd2f53a08e85a1b531283fc2efce4fe17%40%3Ccommits.zookeeper.apache.org%3E"
          },
          {
            "name": "[hbase-dev] 20210205 [jira] [Created] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r3d43529452c5a16338e8267eb911e8aedc64c3241624302e673961c1%40%3Cdev.hbase.apache.org%3E"
          },
          {
            "name": "[hbase-issues] 20210205 [jira] [Created] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r186748e676e5aeb4eb603361e6367555ae4daecbde55cfd69fa68ec6%40%3Cissues.hbase.apache.org%3E"
          },
          {
            "name": "[hbase-issues] 20210205 [GitHub] [hbase-thirdparty] pankaj72981 opened a new pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rce9e232a663d8405c003fe83d5c86c27d1ed65561f3690e824717bc4%40%3Cissues.hbase.apache.org%3E"
          },
          {
            "name": "[hbase-issues] 20210205 [GitHub] [hbase-thirdparty] Apache-HBase commented on pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/re9214a4232b7ae204288c283bcee4e39f07da6cc34798e9217ba4eb6%40%3Cissues.hbase.apache.org%3E"
          },
          {
            "name": "[hbase-issues] 20210205 [jira] [Work started] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r8b2271909dabb45f0f1482ef35ffe106ae4b0cf8e877eb514e9cd421%40%3Cissues.hbase.apache.org%3E"
          },
          {
            "name": "[hbase-issues] 20210205 [jira] [Updated] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r3807b1c54066797c4870e03bd2376bdcce9c7c4e6143499f53cd9ca2%40%3Cissues.hbase.apache.org%3E"
          },
          {
            "name": "[hbase-issues] 20210205 [GitHub] [hbase-thirdparty] busbey commented on a change in pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r2f168fd22c071bdd95ec696e45d2a01e928b9fcadbe94fbabeb1549d%40%3Cissues.hbase.apache.org%3E"
          },
          {
            "name": "[hbase-issues] 20210205 [GitHub] [hbase-thirdparty] busbey commented on pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r078c1203e48089b2c934b9f86b61bebe8c049e0ea6273b124f349988%40%3Cissues.hbase.apache.org%3E"
          },
          {
            "name": "[hbase-issues] 20210205 [GitHub] [hbase-thirdparty] jojochuang commented on a change in pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rccc7ba8c51d662e13496df20466d27dbab54d7001e9e7b2f31468a9e%40%3Cissues.hbase.apache.org%3E"
          },
          {
            "name": "[hbase-issues] 20210206 [GitHub] [hbase-thirdparty] Apache-HBase commented on pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r2ffe719224cbe5897f2d06dd22fc77fa12377c39efe9de0c3bf3f837%40%3Cissues.hbase.apache.org%3E"
          },
          {
            "name": "[hbase-commits] 20210206 [hbase-thirdparty] branch master updated: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/re4e67541a0a25a8589e89f52f8cd163c863fe04b59e048f9f1a04958%40%3Ccommits.hbase.apache.org%3E"
          },
          {
            "name": "[hbase-issues] 20210206 [jira] [Resolved] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r96ef6d20c5bd3d42dab500bac56a427e1dce00cf85b083987617643d%40%3Cissues.hbase.apache.org%3E"
          },
          {
            "name": "[hbase-issues] 20210206 [GitHub] [hbase-thirdparty] busbey closed pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rcbc408088ae99dc3167ea293a562a3a9a7295a20e9a1bfc93e43ae1b%40%3Cissues.hbase.apache.org%3E"
          },
          {
            "name": "[hbase-dev] 20210206 [jira] [Resolved] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/re4ae7ada52c5ecfe805eb86ddc0af399ec8a57bfb0d8c632b8723b88%40%3Cdev.hbase.apache.org%3E"
          },
          {
            "name": "[kafka-jira] 20210211 [jira] [Created] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r3554a4f192db6008c03f2c6c3e0f1691a9b0d615ce955ef67a876ff7%40%3Cjira.kafka.apache.org%3E"
          },
          {
            "name": "[kafka-dev] 20210211 [jira] [Created] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/racd55c9b704aa68cfb4436f17739b612b5d4f887155e04ed521a4b67%40%3Cdev.kafka.apache.org%3E"
          },
          {
            "name": "[kafka-jira] 20210212 [jira] [Assigned] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r7d37d33f2d68912985daf40203182e3d86f3e81266b7a7f350689eeb%40%3Cjira.kafka.apache.org%3E"
          },
          {
            "name": "[kafka-jira] 20210212 [jira] [Commented] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r00858fe27ee35ac8fa0e1549d67e0efb789d63b791b5300390bd8480%40%3Cjira.kafka.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210216 [GitHub] [spark] sarutak opened a new pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r489dfc3e259ad3837141985dd9291b93e6b40496cdf58808915d67e9%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-issues] 20210216 [jira] [Created] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rbe3f2e0a3c38ed9cbef81507b7cc6e523341865e30dc15c7503adc76%40%3Cissues.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210216 [GitHub] [spark] sarutak commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r51ec0120b6c849d12fb7fef34db87ef0bf79fcfcd3d703a9800afbba%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-issues] 20210216 [jira] [Commented] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r306c8e5aad1b9afc0c9278430fb571950fbb3ab7dd5d369eb618ffa4%40%3Cissues.spark.apache.org%3E"
          },
          {
            "name": "[spark-issues] 20210216 [jira] [Assigned] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r0d2de2ab5558da68b504bd30db74da1d97dc152a857f5b7e462288ab%40%3Cissues.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210216 [GitHub] [spark] SparkQA commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r5464405909eb0e1059d5dd57d10c435b9f19325fdebbadb4f1126997%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210217 [GitHub] [spark] dongjoon-hyun commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r25a47cd06750ebb4b0f23a9b7a57c209702c8566a4c970a41ac088df%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210216 [GitHub] [spark] AmplabJenkins removed a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rdbdbb4e51f8857e082b464cd128decd7263cf0fb8557f12993562c56%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210216 [GitHub] [spark] AmplabJenkins commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rba4bca48d2cdfa8c08afc368a9cc4572ec85a5915ba29b8a194bf505%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210217 [GitHub] [spark] sarutak edited a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/reb75282901d0969ba6582725ce8672070715d0773f6ff54dedd60156%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210217 [GitHub] [spark] HyukjinKwon commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/ra09a653997cbf10aab8c0deabc0fa49f5a8a8ce4305ce9089b98485f%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210217 [GitHub] [spark] sarutak commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r870bc5e6e354c3e28ea029cb5726c9e8dd2b88cb0f5f7de1d4e3133d%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210217 [GitHub] [spark] SparkQA commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rf31e24700f725ef81bc5a2e0444a60e1f295ed0a54c0098362a7bdfa%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210217 [GitHub] [spark] SparkQA removed a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r8c22aad0711321537183ccddcade7274ebf9dcbdcdacc6c4f90f43de%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210217 [GitHub] [spark] AmplabJenkins commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r32a25679d97bf5969d130f8e9b3a3fc54110095397d89952e93dbeb0%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210217 [GitHub] [spark] AmplabJenkins removed a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/racf9e6ad2482cb9b1e3e1b2c1b443d9d5cf14055fb54dec3d2dcce91%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210217 [GitHub] [spark] srowen commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r2a541f08bf5f847394297c13a5305c2f76c11e46504ce2a49653890a%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210218 [GitHub] [spark] sarutak edited a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r4aff5ca6bc94a6f13ff77914fd960185ab70cd6cebe96fffd74543ac%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210218 [GitHub] [spark] sarutak commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r850d1d0413716e8ba6d910cae7b01a0e560636e17d664769b5080ca5%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210218 [GitHub] [spark] SparkQA commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rcf7b5818f71bb97fd695eb0f54f8f4f69e15cc5f9ec761ea8be0d0d3%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-commits] 20210218 [spark] branch branch-3.1 updated: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r5c64173663c71f222ea40617ab362d7a590935fb75c18817fdec377e%40%3Ccommits.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210218 [GitHub] [spark] AmplabJenkins removed a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r543ea0a861a78d84c22656fb76880d7ab327048cf7ee3ccc7281375d%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210218 [GitHub] [spark] HyukjinKwon closed pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r74ab0f5a5f16ca01eb145403ab753df5b348b8c1656d7c8501d0bfc6%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210218 [GitHub] [spark] HyukjinKwon commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r8eea4c7797e701f6494c72942dd89f471cda4c2c6e9abbaf05d113d8%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-commits] 20210218 [spark] branch branch-3.0 updated: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r500e22d0aedba1866d0b5e76429b76652a473a0209fa8bf66c9f7aab%40%3Ccommits.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210218 [GitHub] [spark] AmplabJenkins commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r94230f46b91c364d39922a8ba0cfe12b8dba1556b14792719a7d921f%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210218 [GitHub] [spark] sarutak opened a new pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r01806ad8c9cb0590584baf5b1a60237ad92e4ad5bba082ca04d98179%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210218 [GitHub] [spark] SparkQA removed a comment on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r8ed14a84656fa0bb8df3bf9373c5be80f47ceac1e2ff068ee734fdb3%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210218 [GitHub] [spark] SparkQA commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r706562cbbdda569cc556d8a7983d1f9229606e7b51337b820785af26%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-issues] 20210218 [jira] [Commented] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r6493e43007f41e34cdbbb66622307fa235374dd2ec5bf52c61075a68%40%3Cissues.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210218 [GitHub] [spark] sarutak commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r15500b77c52390e2ec048cea4a6b45edf907ea61cd13259193ff8601%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210218 [GitHub] [spark] SparkQA removed a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r81f82ab8ecb83568bafbecf9ce0e73be73980ac1e2af6baf0f344a59%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210218 [GitHub] [spark] AmplabJenkins removed a comment on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rd9a960429741406f6557fa344a13d50a0c9976dac2e4c46bb54b32d7%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210218 [GitHub] [spark] AmplabJenkins commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r3b7c8bc7a1cb8acdcf7753f436564d289d22f2906e934d1b11de3a40%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210219 [GitHub] [spark] srowen commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/re3918edd403b0d3857a13ef2ccf3d2bc0231f3b8758e2a5777ea1cd3%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210219 [GitHub] [spark] SparkQA commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9b46505868794fba04d401956304e63e4d8e39bdc118d30e5e87dcd9%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210219 [GitHub] [spark] SparkQA removed a comment on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rf0181750e321518c8afa8001e0529d50a9447714ef4f58d98af57904%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210219 [GitHub] [spark] AmplabJenkins removed a comment on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rf273267fa2e49314643af3141cec239f97d41de8a59be4ef7e10c65a%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210219 [GitHub] [spark] AmplabJenkins commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rb6a3866c02ac4446451c7d9dceab2373b6d32fb058f9085c6143de30%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210219 [GitHub] [spark] HyukjinKwon closed pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r39f1b1be8e5c0935f7c515eedf907909474bad15185125daacb36d50%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-issues] 20210219 [jira] [Resolved] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/re014afaa14f4df9d33912ab64dc57249e1c170c7448d7175c6d014ff%40%3Cissues.spark.apache.org%3E"
          },
          {
            "name": "[spark-reviews] 20210219 [GitHub] [spark] HyukjinKwon commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r153fbefc27a1b2033692f32ef728ca909a7c7bcc1d21b6c35b38bdd5%40%3Creviews.spark.apache.org%3E"
          },
          {
            "name": "[spark-commits] 20210219 [spark] branch branch-2.4 updated: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r7669dab41f2b34d56bb67700d869dc9c025ff72e9468204799f5ac29%40%3Ccommits.spark.apache.org%3E"
          },
          {
            "name": "[spark-issues] 20210222 [jira] [Updated] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r4b2e7417a76e3dd4dc9855c6c138c49484080754a09927454f6d89f0%40%3Cissues.spark.apache.org%3E"
          },
          {
            "name": "[kafka-jira] 20210222 [GitHub] [kafka] dongjinleekr opened a new pull request #10177: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rb4ca79d1af5237108ce8770b7c46ca78095f62ef21331d9d06142388%40%3Cjira.kafka.apache.org%3E"
          },
          {
            "name": "[kafka-jira] 20210222 [GitHub] [kafka] dongjinleekr commented on pull request #10177: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rd20651e102cb6742a9d9322ea7b5fc3ab60a7ffecb50fa9157cbf176%40%3Cjira.kafka.apache.org%3E"
          },
          {
            "name": "[kafka-jira] 20210222 [GitHub] [kafka] ijuma commented on pull request #10177: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r391d20ab6ec03d6becc7a9f0c5e0f45a7ad8af6b996ae0a49839f6bd%40%3Cjira.kafka.apache.org%3E"
          },
          {
            "name": "[kafka-jira] 20210222 [GitHub] [kafka] omkreddy closed pull request #10177: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rbea4d456d88b043be86739ab0200ad06ba5a7921064411c098f79831%40%3Cjira.kafka.apache.org%3E"
          },
          {
            "name": "[kafka-commits] 20210222 [kafka] branch 2.7 updated: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rbbd003149f929b0e2fe58fb315de1658e98377225632e7e4239323fb%40%3Ccommits.kafka.apache.org%3E"
          },
          {
            "name": "[kafka-jira] 20210222 [jira] [Resolved] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r05b7ffde2b8c180709e14bc9ca036407bea3ed9f09b32c4705d23a4a%40%3Cjira.kafka.apache.org%3E"
          },
          {
            "name": "[kafka-commits] 20210222 [kafka] branch 2.8 updated: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r990e0296b188d4530d1053882f687fa4f938f108425db2999a180944%40%3Ccommits.kafka.apache.org%3E"
          },
          {
            "name": "[kafka-dev] 20210222 [jira] [Resolved] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r942e21ee90e2617a00a08b17b0ac2db961959bec969b91df61584d38%40%3Cdev.kafka.apache.org%3E"
          },
          {
            "name": "[kafka-commits] 20210222 [kafka] branch 2.6 updated: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r66456df852de06a0eed2c0a50252a2c8d360b8a5c005f63c0b1e3d25%40%3Ccommits.kafka.apache.org%3E"
          },
          {
            "name": "[nifi-commits] 20210222 svn commit: r1886814 - /nifi/site/trunk/security.html",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r380e9257bacb8551ee6fcf2c59890ae9477b2c78e553fa9ea08e9d9a%40%3Ccommits.nifi.apache.org%3E"
          },
          {
            "name": "[kafka-jira] 20210301 [GitHub] [kafka] dongjinleekr commented on pull request #10235: KAFKA-12389: Upgrade of netty-codec due to CVE-2021-21290",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r2fda4dab73097051977f2ab818f75e04fbcb15bb1003c8530eac1059%40%3Cjira.kafka.apache.org%3E"
          },
          {
            "name": "[kafka-jira] 20210302 [GitHub] [kafka] dongjinleekr commented on pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rd8e24a3e482e5984bc8c5492dc790413e4fdc1234e3debb94515796b%40%3Cjira.kafka.apache.org%3E"
          },
          {
            "name": "[samza-commits] 20210310 [GitHub] [samza] Telesia opened a new pull request #1471: SAMZA-2630: Upgrade dependencies for security fixes",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21%40%3Ccommits.samza.apache.org%3E"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20201218-0003/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r769e1ba36c607772f7403e7ef2a8ae14d9ddcab4a844f9b28bcf7959%40%3Cdev.kafka.apache.org%3E"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rc2b603b7fa7f8dbfe0b3b59a6140b4d66868db3bf4b29d69a772d72a%40%3Cdev.kafka.apache.org%3E"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/ra1c234f045871827f73e4d68326b067e72d3139e109207345fa57d9e%40%3Cdev.kafka.apache.org%3E"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rfa34d2a3e423421a4a1354cf457edba2ce78cee2d3ebd8aab151a559%40%3Cdev.kafka.apache.org%3E"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Eclipse Jetty",
          "vendor": "The Eclipse Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "9.4.0.RC0 to 9.4.34.v20201102"
            },
            {
              "status": "affected",
              "version": "10.0.0.alpha0 to 10.0.0.beta2"
            },
            {
              "status": "affected",
              "version": "11.0.0.alpha0 to 11.0.0.beta2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-226",
              "description": "CWE-226: Sensitive Information in Resource Not Removed Before Reuse",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-30T21:06:23.588882",
        "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
        "shortName": "eclipse"
      },
      "references": [
        {
          "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=568892"
        },
        {
          "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-86wm-rrjm-8wh8"
        },
        {
          "name": "[zookeeper-notifications] 20201205 [GitHub] [zookeeper] ztzg opened a new pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r6d5bb60a13e8b539600f86cb72097967b951de5c7ef1e4005cda74a7%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201205 [GitHub] [zookeeper] phunt commented on a change in pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r8fee46fd9f1254150cc55eecf1ea6a448fca1f7cf1d1e7f9c4803fdb%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-issues] 20201205 [jira] [Updated] (ZOOKEEPER-4023) dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rbc5a8d7a0a13bc8152d427a7e9097cdeb139c6cfe111b2f00f26d16b%40%3Cissues.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201205 [GitHub] [zookeeper] ztzg commented on a change in pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r8c839a0d88cd6504abbe72c260371094f47014b2ba08d8d2c0232e3c%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201205 [GitHub] [zookeeper] ztzg opened a new pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r22776d06582985cca5bd2a92519a2b13b4cae2d8e087318da03c036d%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201205 [GitHub] [zookeeper] ztzg opened a new pull request #1553: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rfa8879a713480b206c152334419499e6af0878c36217abcc9ab4f0d1%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201205 [GitHub] [zookeeper] ztzg commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/re86a6ba09dc74e709db843e3561ead923c8fd1cba32343656dd8c44b%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-issues] 20201206 [jira] [Updated] (ZOOKEEPER-4023) dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r23ce6b8965e30808daa77a80fcd69833b1fc632d80465d0419eff619%40%3Cissues.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201206 [GitHub] [zookeeper] nkalmar commented on pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r4981622ba15e8be1657d30b7c85044c7aabe89751fa7324f8604b834%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201206 [GitHub] [zookeeper] nkalmar commented on a change in pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/re03a566114435a8cc8eb72158242b0f560c5eeccbb4ee98d22de8373%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201206 [GitHub] [zookeeper] ztzg commented on a change in pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r9f571b086965b35d4e91e47fb67c27b42b62762248b4900ba723599f%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201206 [GitHub] [zookeeper] ztzg commented on pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/ree677ff289ba9a90850f2e3ba7279555df1a170263ba39c5272db236%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201207 [GitHub] [zookeeper] ztzg commented on a change in pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r1dd302323c6fe1a542d0371de66a484918fa6c2831ae70d924974bea%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201207 [GitHub] [zookeeper] nkalmar commented on pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rdde0ad0a03eec962c56b46e70e225918ea2368dcc3fd3488741fad53%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201207 [GitHub] [zookeeper] nkalmar edited a comment on pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r602683484f607cd1b9598caf3e549fbb01c43fd46a582a32cc3bb545%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201207 [GitHub] [zookeeper] nkalmar commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rb8f413dc923070919b09db3ac87d079a2dcc6f0adfbb029e206a7930%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-dev] 20201208 Re: [VOTE] Apache ZooKeeper release 3.5.9 candidate 0",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rde11c433675143d8d27551c3d9e821fe1955f1551a518033d3716553%40%3Cdev.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201211 [GitHub] [zookeeper] nkalmar commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rc0e35f4e8a8a36127e3ae7a67f325a3a6a4dbe05034130fb04b6f3b6%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201215 [GitHub] [zookeeper] phunt commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r8f5b144e7a7c2b338f01139d891abbaba12a8173ee01110d21bd0b4d%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[pulsar-commits] 20201215 [GitHub] [pulsar] yanshuchong opened a new issue #8967: CVSS issue list",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg closed pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r821bbffb64da0f062b4e72d1aa600b91e26bc82a28298ab159121215%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-commits] 20201224 [zookeeper] branch master updated: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r964d226dd08527fddd7a44410c50daa9d34d398e5c4793f1d7e19da8%40%3Ccommits.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r70940cb30356642f0c49af49259680d6bd866f51c4e8de0f8a498fb0%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201224 [GitHub] [zookeeper] eolivelli commented on pull request #1552: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r5e5cb33b545548ec4684d33bd88b05a0ae89c4d7cac93eb63255f58f%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg closed pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r9d7a86fb0b45e5b1855d4df83a5820eef813d55eae3edf224f3d5055%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg commented on pull request #1554: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r8be8c6f0e404a3179d988eb8afed03ede5f2d5ce986d3f709fb82610%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-issues] 20201224 [jira] [Resolved] (ZOOKEEPER-4023) dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rc1de630c6ed9a958d9f811e816d6d8efb6ca94aed0869bc5cda9d7f8%40%3Cissues.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg commented on pull request #1553: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r46589f4228aabd5fb16135ff5bef0f77f06cdef64f9785ac3349fa02%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-notifications] 20201224 [GitHub] [zookeeper] ztzg closed pull request #1553: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rc91c405c08b529b7292c75d9bd497849db700a1297fe3432990f6774%40%3Cnotifications.zookeeper.apache.org%3E"
        },
        {
          "name": "[zookeeper-commits] 20210106 [zookeeper] branch branch-3.5.9 updated: ZOOKEEPER-4023: dependency-check:check failing - Jetty 9.4.34.v20201102 - CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r2a57c7bbf36afc87f8ad9e1dd2f53a08e85a1b531283fc2efce4fe17%40%3Ccommits.zookeeper.apache.org%3E"
        },
        {
          "name": "[hbase-dev] 20210205 [jira] [Created] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r3d43529452c5a16338e8267eb911e8aedc64c3241624302e673961c1%40%3Cdev.hbase.apache.org%3E"
        },
        {
          "name": "[hbase-issues] 20210205 [jira] [Created] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r186748e676e5aeb4eb603361e6367555ae4daecbde55cfd69fa68ec6%40%3Cissues.hbase.apache.org%3E"
        },
        {
          "name": "[hbase-issues] 20210205 [GitHub] [hbase-thirdparty] pankaj72981 opened a new pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rce9e232a663d8405c003fe83d5c86c27d1ed65561f3690e824717bc4%40%3Cissues.hbase.apache.org%3E"
        },
        {
          "name": "[hbase-issues] 20210205 [GitHub] [hbase-thirdparty] Apache-HBase commented on pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/re9214a4232b7ae204288c283bcee4e39f07da6cc34798e9217ba4eb6%40%3Cissues.hbase.apache.org%3E"
        },
        {
          "name": "[hbase-issues] 20210205 [jira] [Work started] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r8b2271909dabb45f0f1482ef35ffe106ae4b0cf8e877eb514e9cd421%40%3Cissues.hbase.apache.org%3E"
        },
        {
          "name": "[hbase-issues] 20210205 [jira] [Updated] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r3807b1c54066797c4870e03bd2376bdcce9c7c4e6143499f53cd9ca2%40%3Cissues.hbase.apache.org%3E"
        },
        {
          "name": "[hbase-issues] 20210205 [GitHub] [hbase-thirdparty] busbey commented on a change in pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r2f168fd22c071bdd95ec696e45d2a01e928b9fcadbe94fbabeb1549d%40%3Cissues.hbase.apache.org%3E"
        },
        {
          "name": "[hbase-issues] 20210205 [GitHub] [hbase-thirdparty] busbey commented on pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r078c1203e48089b2c934b9f86b61bebe8c049e0ea6273b124f349988%40%3Cissues.hbase.apache.org%3E"
        },
        {
          "name": "[hbase-issues] 20210205 [GitHub] [hbase-thirdparty] jojochuang commented on a change in pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rccc7ba8c51d662e13496df20466d27dbab54d7001e9e7b2f31468a9e%40%3Cissues.hbase.apache.org%3E"
        },
        {
          "name": "[hbase-issues] 20210206 [GitHub] [hbase-thirdparty] Apache-HBase commented on pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r2ffe719224cbe5897f2d06dd22fc77fa12377c39efe9de0c3bf3f837%40%3Cissues.hbase.apache.org%3E"
        },
        {
          "name": "[hbase-commits] 20210206 [hbase-thirdparty] branch master updated: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/re4e67541a0a25a8589e89f52f8cd163c863fe04b59e048f9f1a04958%40%3Ccommits.hbase.apache.org%3E"
        },
        {
          "name": "[hbase-issues] 20210206 [jira] [Resolved] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r96ef6d20c5bd3d42dab500bac56a427e1dce00cf85b083987617643d%40%3Cissues.hbase.apache.org%3E"
        },
        {
          "name": "[hbase-issues] 20210206 [GitHub] [hbase-thirdparty] busbey closed pull request #46: HBASE-25552 Upgrade jetty jar to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rcbc408088ae99dc3167ea293a562a3a9a7295a20e9a1bfc93e43ae1b%40%3Cissues.hbase.apache.org%3E"
        },
        {
          "name": "[hbase-dev] 20210206 [jira] [Resolved] (HBASE-25552) [hbase-thirdparty] Update jetty version to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/re4ae7ada52c5ecfe805eb86ddc0af399ec8a57bfb0d8c632b8723b88%40%3Cdev.hbase.apache.org%3E"
        },
        {
          "name": "[kafka-jira] 20210211 [jira] [Created] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r3554a4f192db6008c03f2c6c3e0f1691a9b0d615ce955ef67a876ff7%40%3Cjira.kafka.apache.org%3E"
        },
        {
          "name": "[kafka-dev] 20210211 [jira] [Created] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/racd55c9b704aa68cfb4436f17739b612b5d4f887155e04ed521a4b67%40%3Cdev.kafka.apache.org%3E"
        },
        {
          "name": "[kafka-jira] 20210212 [jira] [Assigned] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r7d37d33f2d68912985daf40203182e3d86f3e81266b7a7f350689eeb%40%3Cjira.kafka.apache.org%3E"
        },
        {
          "name": "[kafka-jira] 20210212 [jira] [Commented] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r00858fe27ee35ac8fa0e1549d67e0efb789d63b791b5300390bd8480%40%3Cjira.kafka.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210216 [GitHub] [spark] sarutak opened a new pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r489dfc3e259ad3837141985dd9291b93e6b40496cdf58808915d67e9%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-issues] 20210216 [jira] [Created] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rbe3f2e0a3c38ed9cbef81507b7cc6e523341865e30dc15c7503adc76%40%3Cissues.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210216 [GitHub] [spark] sarutak commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r51ec0120b6c849d12fb7fef34db87ef0bf79fcfcd3d703a9800afbba%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-issues] 20210216 [jira] [Commented] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r306c8e5aad1b9afc0c9278430fb571950fbb3ab7dd5d369eb618ffa4%40%3Cissues.spark.apache.org%3E"
        },
        {
          "name": "[spark-issues] 20210216 [jira] [Assigned] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r0d2de2ab5558da68b504bd30db74da1d97dc152a857f5b7e462288ab%40%3Cissues.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210216 [GitHub] [spark] SparkQA commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r5464405909eb0e1059d5dd57d10c435b9f19325fdebbadb4f1126997%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210217 [GitHub] [spark] dongjoon-hyun commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r25a47cd06750ebb4b0f23a9b7a57c209702c8566a4c970a41ac088df%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210216 [GitHub] [spark] AmplabJenkins removed a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rdbdbb4e51f8857e082b464cd128decd7263cf0fb8557f12993562c56%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210216 [GitHub] [spark] AmplabJenkins commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rba4bca48d2cdfa8c08afc368a9cc4572ec85a5915ba29b8a194bf505%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210217 [GitHub] [spark] sarutak edited a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/reb75282901d0969ba6582725ce8672070715d0773f6ff54dedd60156%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210217 [GitHub] [spark] HyukjinKwon commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/ra09a653997cbf10aab8c0deabc0fa49f5a8a8ce4305ce9089b98485f%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210217 [GitHub] [spark] sarutak commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r870bc5e6e354c3e28ea029cb5726c9e8dd2b88cb0f5f7de1d4e3133d%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210217 [GitHub] [spark] SparkQA commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rf31e24700f725ef81bc5a2e0444a60e1f295ed0a54c0098362a7bdfa%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210217 [GitHub] [spark] SparkQA removed a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r8c22aad0711321537183ccddcade7274ebf9dcbdcdacc6c4f90f43de%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210217 [GitHub] [spark] AmplabJenkins commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r32a25679d97bf5969d130f8e9b3a3fc54110095397d89952e93dbeb0%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210217 [GitHub] [spark] AmplabJenkins removed a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/racf9e6ad2482cb9b1e3e1b2c1b443d9d5cf14055fb54dec3d2dcce91%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210217 [GitHub] [spark] srowen commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r2a541f08bf5f847394297c13a5305c2f76c11e46504ce2a49653890a%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210218 [GitHub] [spark] sarutak edited a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r4aff5ca6bc94a6f13ff77914fd960185ab70cd6cebe96fffd74543ac%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210218 [GitHub] [spark] sarutak commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r850d1d0413716e8ba6d910cae7b01a0e560636e17d664769b5080ca5%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210218 [GitHub] [spark] SparkQA commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rcf7b5818f71bb97fd695eb0f54f8f4f69e15cc5f9ec761ea8be0d0d3%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-commits] 20210218 [spark] branch branch-3.1 updated: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r5c64173663c71f222ea40617ab362d7a590935fb75c18817fdec377e%40%3Ccommits.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210218 [GitHub] [spark] AmplabJenkins removed a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r543ea0a861a78d84c22656fb76880d7ab327048cf7ee3ccc7281375d%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210218 [GitHub] [spark] HyukjinKwon closed pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r74ab0f5a5f16ca01eb145403ab753df5b348b8c1656d7c8501d0bfc6%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210218 [GitHub] [spark] HyukjinKwon commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r8eea4c7797e701f6494c72942dd89f471cda4c2c6e9abbaf05d113d8%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-commits] 20210218 [spark] branch branch-3.0 updated: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r500e22d0aedba1866d0b5e76429b76652a473a0209fa8bf66c9f7aab%40%3Ccommits.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210218 [GitHub] [spark] AmplabJenkins commented on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r94230f46b91c364d39922a8ba0cfe12b8dba1556b14792719a7d921f%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210218 [GitHub] [spark] sarutak opened a new pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r01806ad8c9cb0590584baf5b1a60237ad92e4ad5bba082ca04d98179%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210218 [GitHub] [spark] SparkQA removed a comment on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r8ed14a84656fa0bb8df3bf9373c5be80f47ceac1e2ff068ee734fdb3%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210218 [GitHub] [spark] SparkQA commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r706562cbbdda569cc556d8a7983d1f9229606e7b51337b820785af26%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-issues] 20210218 [jira] [Commented] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r6493e43007f41e34cdbbb66622307fa235374dd2ec5bf52c61075a68%40%3Cissues.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210218 [GitHub] [spark] sarutak commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r15500b77c52390e2ec048cea4a6b45edf907ea61cd13259193ff8601%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210218 [GitHub] [spark] SparkQA removed a comment on pull request #31574: [SPARK-34449][BUILD] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r81f82ab8ecb83568bafbecf9ce0e73be73980ac1e2af6baf0f344a59%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210218 [GitHub] [spark] AmplabJenkins removed a comment on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rd9a960429741406f6557fa344a13d50a0c9976dac2e4c46bb54b32d7%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210218 [GitHub] [spark] AmplabJenkins commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r3b7c8bc7a1cb8acdcf7753f436564d289d22f2906e934d1b11de3a40%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210219 [GitHub] [spark] srowen commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/re3918edd403b0d3857a13ef2ccf3d2bc0231f3b8758e2a5777ea1cd3%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210219 [GitHub] [spark] SparkQA commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r9b46505868794fba04d401956304e63e4d8e39bdc118d30e5e87dcd9%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210219 [GitHub] [spark] SparkQA removed a comment on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rf0181750e321518c8afa8001e0529d50a9447714ef4f58d98af57904%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210219 [GitHub] [spark] AmplabJenkins removed a comment on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rf273267fa2e49314643af3141cec239f97d41de8a59be4ef7e10c65a%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210219 [GitHub] [spark] AmplabJenkins commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rb6a3866c02ac4446451c7d9dceab2373b6d32fb058f9085c6143de30%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210219 [GitHub] [spark] HyukjinKwon closed pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r39f1b1be8e5c0935f7c515eedf907909474bad15185125daacb36d50%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-issues] 20210219 [jira] [Resolved] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/re014afaa14f4df9d33912ab64dc57249e1c170c7448d7175c6d014ff%40%3Cissues.spark.apache.org%3E"
        },
        {
          "name": "[spark-reviews] 20210219 [GitHub] [spark] HyukjinKwon commented on pull request #31583: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r153fbefc27a1b2033692f32ef728ca909a7c7bcc1d21b6c35b38bdd5%40%3Creviews.spark.apache.org%3E"
        },
        {
          "name": "[spark-commits] 20210219 [spark] branch branch-2.4 updated: [SPARK-34449][BUILD][2.4] Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r7669dab41f2b34d56bb67700d869dc9c025ff72e9468204799f5ac29%40%3Ccommits.spark.apache.org%3E"
        },
        {
          "name": "[spark-issues] 20210222 [jira] [Updated] (SPARK-34449) Upgrade Jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r4b2e7417a76e3dd4dc9855c6c138c49484080754a09927454f6d89f0%40%3Cissues.spark.apache.org%3E"
        },
        {
          "name": "[kafka-jira] 20210222 [GitHub] [kafka] dongjinleekr opened a new pull request #10177: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rb4ca79d1af5237108ce8770b7c46ca78095f62ef21331d9d06142388%40%3Cjira.kafka.apache.org%3E"
        },
        {
          "name": "[kafka-jira] 20210222 [GitHub] [kafka] dongjinleekr commented on pull request #10177: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rd20651e102cb6742a9d9322ea7b5fc3ab60a7ffecb50fa9157cbf176%40%3Cjira.kafka.apache.org%3E"
        },
        {
          "name": "[kafka-jira] 20210222 [GitHub] [kafka] ijuma commented on pull request #10177: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r391d20ab6ec03d6becc7a9f0c5e0f45a7ad8af6b996ae0a49839f6bd%40%3Cjira.kafka.apache.org%3E"
        },
        {
          "name": "[kafka-jira] 20210222 [GitHub] [kafka] omkreddy closed pull request #10177: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rbea4d456d88b043be86739ab0200ad06ba5a7921064411c098f79831%40%3Cjira.kafka.apache.org%3E"
        },
        {
          "name": "[kafka-commits] 20210222 [kafka] branch 2.7 updated: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rbbd003149f929b0e2fe58fb315de1658e98377225632e7e4239323fb%40%3Ccommits.kafka.apache.org%3E"
        },
        {
          "name": "[kafka-jira] 20210222 [jira] [Resolved] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r05b7ffde2b8c180709e14bc9ca036407bea3ed9f09b32c4705d23a4a%40%3Cjira.kafka.apache.org%3E"
        },
        {
          "name": "[kafka-commits] 20210222 [kafka] branch 2.8 updated: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r990e0296b188d4530d1053882f687fa4f938f108425db2999a180944%40%3Ccommits.kafka.apache.org%3E"
        },
        {
          "name": "[kafka-dev] 20210222 [jira] [Resolved] (KAFKA-12324) Upgrade jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r942e21ee90e2617a00a08b17b0ac2db961959bec969b91df61584d38%40%3Cdev.kafka.apache.org%3E"
        },
        {
          "name": "[kafka-commits] 20210222 [kafka] branch 2.6 updated: KAFKA-12324: Upgrade jetty to fix CVE-2020-27218",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r66456df852de06a0eed2c0a50252a2c8d360b8a5c005f63c0b1e3d25%40%3Ccommits.kafka.apache.org%3E"
        },
        {
          "name": "[nifi-commits] 20210222 svn commit: r1886814 - /nifi/site/trunk/security.html",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r380e9257bacb8551ee6fcf2c59890ae9477b2c78e553fa9ea08e9d9a%40%3Ccommits.nifi.apache.org%3E"
        },
        {
          "name": "[kafka-jira] 20210301 [GitHub] [kafka] dongjinleekr commented on pull request #10235: KAFKA-12389: Upgrade of netty-codec due to CVE-2021-21290",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r2fda4dab73097051977f2ab818f75e04fbcb15bb1003c8530eac1059%40%3Cjira.kafka.apache.org%3E"
        },
        {
          "name": "[kafka-jira] 20210302 [GitHub] [kafka] dongjinleekr commented on pull request #10245: KAFKA-12400: Upgrade jetty to fix CVE-2020-27223",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rd8e24a3e482e5984bc8c5492dc790413e4fdc1234e3debb94515796b%40%3Cjira.kafka.apache.org%3E"
        },
        {
          "name": "[samza-commits] 20210310 [GitHub] [samza] Telesia opened a new pull request #1471: SAMZA-2630: Upgrade dependencies for security fixes",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r352e40ca9874d1beb4ad95403792adca7eb295e6bc3bd7b65fabcc21%40%3Ccommits.samza.apache.org%3E"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20201218-0003/"
        },
        {
          "url": "https://lists.apache.org/thread.html/r769e1ba36c607772f7403e7ef2a8ae14d9ddcab4a844f9b28bcf7959%40%3Cdev.kafka.apache.org%3E"
        },
        {
          "url": "https://lists.apache.org/thread.html/rc2b603b7fa7f8dbfe0b3b59a6140b4d66868db3bf4b29d69a772d72a%40%3Cdev.kafka.apache.org%3E"
        },
        {
          "url": "https://lists.apache.org/thread.html/ra1c234f045871827f73e4d68326b067e72d3139e109207345fa57d9e%40%3Cdev.kafka.apache.org%3E"
        },
        {
          "url": "https://lists.apache.org/thread.html/rfa34d2a3e423421a4a1354cf457edba2ce78cee2d3ebd8aab151a559%40%3Cdev.kafka.apache.org%3E"
        },
        {
          "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
        },
        {
          "name": "[debian-lts-announce] 20231030 [SECURITY] [DLA 3641-1] jetty9 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
    "assignerShortName": "eclipse",
    "cveId": "CVE-2020-27218",
    "datePublished": "2020-11-28T00:00:00",
    "dateReserved": "2020-10-19T00:00:00",
    "dateUpdated": "2024-08-04T16:11:36.083Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

SUSE-SU-2020:3922-1

CVE-2020-27218 (GCVE-0-2020-27218)

Tags

Sightings

Nomenclature