Amazon Linux 2 — jetty — multiple vulnerabilities (7 CVEs) — patch and remediation guide
🟠 High ⏱ 15–60 min Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read • Source: Amazon Linux advisory ALAS2-2026-3277 Related CVEs: CVE-2026-5795 CVE-2021-28165 CVE-2024-9823 CVE-2023-40167 CVE-2023-36479 CVE-2021-28169 CVE-2021-34428 Upstream summary: In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable. Upon returning from […]