{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:aa9ee5de-17b8-563d-8524-39f47f9fcb73", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.aggregate", "name": "jetty-client", "version": "8.2.0.v20160908-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:84bdd02b-c07e-5fd9-b978-bacabbec5f33", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty.aggregate:jetty-client 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2dd6b47-54b7-55d1-8ea5-ba94effe4e42", "id": "CVE-2017-7656", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7656 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e56264e1-eef4-58de-8061-f2928b9ec531", "id": "CVE-2017-7657", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7657 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e82f753-d76f-5b7a-8f1a-46183c78982d", "id": "CVE-2017-7658", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7658 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:087bae33-e8d8-5260-8e5d-10a56af8e2e3", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de96ae56-e8e6-5c1f-9e35-0fb12b4d04d0", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b32bc574-fb03-5309-be5a-2c97c8cd382f", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:824d6594-71d1-522e-a7e1-c81d5a950372", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:361540e0-0d5e-5586-9302-58392f3a359b", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07889516-54f3-5562-8498-b347b94dd01b", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3af015b0-6796-54e9-b2e8-8790f282bb24", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8ba2d5f-7304-5518-8fce-69d5d317c482", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:facac0a4-334c-55a7-8c32-bc3e6c058320", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aca2b097-7cbd-5b58-bb22-a462d32b1a34", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc94aa63-34f7-5c7f-945d-09a455404714", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty.aggregate:jetty-client 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:685fdb6d-d805-5281-9e1c-083f828489eb", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty.aggregate:jetty-client 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2fd1a6bc-ae0b-5fb3-b508-377815cbf081", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:697c2ee8-e14f-5118-b1ab-fea508260071", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa9cb6ca-91ce-5aa3-8caf-2fe923fb2ea6", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty.aggregate:jetty-client 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1af29763-39ce-5ba8-98de-fa73a6c29a7f", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc3b70a1-3bc7-51e8-9dd6-740b19c4c6e5", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96e00348-5e9d-54ed-af27-6eb9ee2933db", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b7032f1-d7a7-5a8f-be77-710942e49e61", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b6d4f45-2d06-5e5c-9cbd-39ddeb20c826", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9198019-d7b2-5488-855d-f97cae3acdb7", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:989eb278-d5e5-504f-bd81-899d46b49024", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e8596a4d-0930-5377-9364-4524826888e2", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea170e65-8be9-5379-a67e-508855eaefed", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:607e5790-e632-57ce-9a64-dba0956662ab", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff52112a-407e-5ffc-82c5-049cea1cc270", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40d7defa-ede5-5cd1-8925-9c9f9b09fbaf", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:afa32429-341b-50cb-be9d-d12017b3bc80", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7c8a4ff-2e4e-54ac-af99-53de86b070f2", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-client@8.2.0.v20160908-tuxcare.2" } ] }