{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:500e8554-3310-5a9a-86cb-2644f297fd02", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.aggregate", "name": "jetty-all-server", "version": "8.2.0.v20160908-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:11bad1ab-acba-5b94-a464-7b25da6df82e", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty.aggregate:jetty-all-server 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1cc2f18d-8599-5315-9c2e-4704c73b8199", "id": "CVE-2017-7656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7656 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e5fc4c7-af34-526f-b58c-5640a494a044", "id": "CVE-2017-7657", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7657 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fcb6b2e-7db3-5875-925e-a21079101be6", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20b23a43-9532-53b9-a855-a5cccc62822f", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cab48569-d8d4-5f16-afd0-b371fcc09f65", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e380fdf-1143-576d-9db2-ed4d8fdc45bb", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f1be166-ed6d-5568-92de-b19464a1c520", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83dc38c6-8849-5e85-8f87-28514dbfbefd", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:259e69fe-c23e-571e-9f6d-2a7242f130c8", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e64370dc-6cc0-5044-872b-58cf4ef27d89", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1af3de8c-e6fe-52a4-b56b-7d8b69d0dcf1", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df6d64fc-1750-5398-9b17-1fcba1836ef5", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bfc2eec8-13ac-5e0a-acfa-e53720069a3d", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5561f00-10f9-5c07-b17e-71f3bec4b312", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty.aggregate:jetty-all-server 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89658bd0-817f-5735-817a-64dd0e0b9cba", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty.aggregate:jetty-all-server 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8617c147-29d0-5e2e-b999-d5fb5b20f44b", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2eb75726-232d-5856-9cd5-9f78056d82f3", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8859fe15-17c9-59b3-bda7-915331a78a56", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty.aggregate:jetty-all-server 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:391ed96a-6c9e-5bc1-8a30-4a739ae83b1e", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85556dfa-6b1e-5ec3-8c1d-baefeb7351a3", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9185f58-e833-570e-8183-9092ff61b50b", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e17be9a3-aa68-50cf-a620-b0f1410b631f", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d9bab80-230d-5da4-957e-6bfbcd25754f", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3622564f-5401-59fb-bb71-7c777b3f0879", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:859fa5c2-fb52-55d2-9d9b-59e8d4c861bb", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20cf3907-878e-5d50-b613-a0a64bfd656c", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11418891-6812-5306-a5f8-d57f5bd97cdd", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19a447dc-492b-5471-afdf-cb028a2a93fe", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c64344fb-70fb-5bd7-96cb-0ff021893817", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6129d57-d7ea-5e7a-b37d-4facbca7f078", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19e4f28c-8e5d-5bc2-87e0-6cb0781ddcde", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1bc8bdd1-d3ec-5cec-bb0b-5ec6eba926b1", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all-server@8.2.0.v20160908-tuxcare.1" } ] }