{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f5da7e01-8f30-5be9-8bfa-a6a9b5db1547", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.aggregate", "name": "jetty-client", "version": "8.2.0.v20160908-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:287f28d4-8f3c-5bdd-83a1-b09ddf59fe27", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty.aggregate:jetty-client 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:daafb45c-f5b8-5cee-8271-974b769f8a48", "id": "CVE-2017-7656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7656 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9afcc813-ea6d-5402-b024-41db80e8a6e0", "id": "CVE-2017-7657", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7657 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a809b8d-5517-52d3-a25f-dbb0a0cddf92", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce1ddc18-9030-5a69-a5e2-cf7af2dca932", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de293ae0-293c-51e3-b88c-a834f53b4d1b", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:330eff0d-2d6a-5c57-8c16-6d9c18c3ed1b", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d92783fb-67da-5afd-9575-dec9397de884", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:668f39eb-ca25-55b2-806b-0421b1a62265", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd56f043-5430-5682-9dbd-3ca6b711f61c", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc435bb0-f944-55ea-ac20-305e1c856153", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f28d6212-ea24-5fc2-874b-d083fd368cee", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30211d62-3a33-58bc-8114-edfaf1f80fd3", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:44f8567e-6a9c-5a07-a9e7-1fe22f7b64ee", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4cf9e07-eebb-5f2d-bc23-c6e39b768518", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty.aggregate:jetty-client 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30d2312e-2730-5eec-bc1c-6c6c53d47092", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty.aggregate:jetty-client 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e440442-31f2-5654-b6cb-8697790bb44b", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6631b7ec-8e35-54a5-959d-3e951e55e305", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7fb4869f-1d55-5e64-9271-7e33b0ff6969", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty.aggregate:jetty-client 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e41ee097-cf1e-50a1-b1b1-07817740703b", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d281addc-b73a-5071-8456-6459994f581f", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:479aa34a-aa26-5dab-ba7f-50f84a43ab50", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dab85dfd-89b7-583d-a97f-029d4e0dc302", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f22e832-64cf-51de-9743-97f8fd9c49c1", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea8600ad-4345-5750-a53b-7cff0ddd1c60", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d024e245-9ab8-570e-8c80-af4ec6cf509e", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3869acbd-e965-567f-b0a4-ca0131fc707f", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72d9d47b-b92a-51ac-93c2-3729c54a8cbf", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99266c19-b87d-5c8e-9aa4-b9b895361fc7", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3a2633f-7caa-5649-bfba-cda529608a5e", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60987771-0e8a-5b02-8488-0ddf923714aa", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c61cb5dc-7f45-507f-b1f9-730da2b8a240", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2025975b-9154-517f-ba4d-1e2a7f1f2079", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.1" } ] }