{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:784ad3cf-b96b-566e-ae67-9f104c2757b6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.aggregate", "name": "jetty-plus", "version": "8.2.0.v20160908-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c192e6d7-3612-5a03-a604-b77af2ed1ce8", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty.aggregate:jetty-plus 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d2a74c8-2e8d-5d40-a2c6-5a83454d898b", "id": "CVE-2017-7656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7656 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5bbf1cf-f9f4-5cc3-9036-57479e2c7731", "id": "CVE-2017-7657", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7657 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b22ebd0-9d31-53b4-b8d2-c50c4773ce38", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8da1eb04-71dd-5048-b26b-432622e77147", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d3d1a1c-0e89-5beb-987b-d0ee36b769f8", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:487254da-a0a2-5ad9-8507-cc1b5e7c4e94", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dfa01a48-eddc-54f8-9d75-1fbc4f13103d", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7e5d792-6194-5b1b-836b-72d94de1bf14", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed970ca3-a8a2-5334-be3f-6ce86166e114", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e80f402a-63d8-531c-946b-ea8c4a345b38", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6291ad3d-009d-56ae-8acc-2c8d7fe462c2", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31d8e3f8-8b0b-5137-9477-80aef14d56f0", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ded0fae-7a3d-5734-adf8-8da1d35c860f", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c7348f1-5ef8-5950-ac06-838c1f1922bf", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty.aggregate:jetty-plus 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6fd730f4-140a-5b2e-9dea-45598aacdfdb", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty.aggregate:jetty-plus 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:045c6bbf-6c1f-5206-8f18-9a8fe715aa0d", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb0fd733-24a2-59ec-82ef-056db12f0f3c", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7027ee53-c2eb-5267-80c8-7f0d91842991", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty.aggregate:jetty-plus 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1a5d256-df98-5ad9-9c0e-7de0415ed890", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55d4d689-0959-5b51-bcd6-919c46ec0f01", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3443881d-c12e-5c50-aea7-503ba1a7589e", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5fdba76-2ef6-548d-85b1-48a690a54cdb", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2213b068-bcee-5ba1-b22f-0b5ba56902eb", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a374997a-4130-5b71-93f5-8b959b8268a7", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92af70e7-69c9-509d-a2d9-815ccc59ac9a", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a25de0f-5bac-5bfa-9cd8-831195071d54", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c32ba9fb-7a9a-5207-8bc6-f3ce06838602", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8df21bc5-c604-58f6-a4d9-ac59d3c91570", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c462e708-6746-5ea0-b29f-91599ac68e87", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7da1f57f-870a-5f9f-a88e-3d639a05127b", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df79f335-ae59-53c5-9116-4cdfa9b78fbb", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6de0258e-69ba-5252-92b3-ac6d5bbbf186", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.1" } ] }