{"affected":[{"ecosystem_specific":{"binaries":[{"jetty-http":"9.4.38-3.6.2","jetty-io":"9.4.38-3.6.2","jetty-security":"9.4.38-3.6.2","jetty-server":"9.4.38-3.6.2","jetty-servlet":"9.4.38-3.6.2","jetty-util":"9.4.38-3.6.2","jetty-util-ajax":"9.4.38-3.6.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Development Tools 15 SP2","name":"jetty-minimal","purl":"pkg:rpm/suse/jetty-minimal&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"9.4.38-3.6.2"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for jetty-minimal fixes the following issues:\n\n- jetty-minimal was upgraded to version 9.4.38.v20210224\n  - CVE-2020-27223: Fixed an issue with Accept request header which might have led to Denial of Service (bsc#1182898).\n","id":"SUSE-SU-2021:0940-1","modified":"2021-03-24T11:25:24Z","published":"2021-03-24T11:25:24Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2021/suse-su-20210940-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1182898"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-27223"}],"related":["CVE-2020-27223"],"summary":"Security update for jetty-minimal","upstream":["CVE-2020-27223"]}