{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cbe10498-1274-5e85-bb1b-5db832484440", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.aggregate", "name": "jetty-plus", "version": "8.2.0.v20160908-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e1277e51-dd99-5f03-9610-9bc12719a9e7", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty.aggregate:jetty-plus 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4157f6f1-31d3-5f4e-9784-679e33e85756", "id": "CVE-2017-7656", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7656 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f445c04d-9ea3-50cd-88ef-f8decd26b94c", "id": "CVE-2017-7657", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7657 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9981e06a-1f6a-5d11-aea2-9e1f7202bf26", "id": "CVE-2017-7658", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7658 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c47e605-669b-56a4-afd3-07c587db4448", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e692620-ec61-513e-a587-572f41d3fd27", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a58a1a30-81fd-5bae-9f09-c77ec51d60a7", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e8244d02-8c83-5032-9f07-3fc3650f2ee1", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe144f2b-6421-59fd-955a-912203b4377b", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e36555f8-d916-52c8-8695-d6e4c7bd1d27", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6af21508-d798-5414-85e9-437c018fabfe", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42d063ad-15d8-5592-a8c9-f3b4b8c60322", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f18dbc4-4a81-5aa4-95f1-3a4ce838f791", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16d2e9ca-eaa1-57c2-ab30-964fa748f712", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e91285db-0882-5e0b-a2cf-fc9def492474", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty.aggregate:jetty-plus 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1bcebe1e-2dc3-5bc4-bd21-fc812a019f11", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty.aggregate:jetty-plus 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1900ce31-dd75-52cc-9ca6-63a075a97670", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a56c3741-0730-5b7a-9b1e-2c9b8908a379", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:caafa6a9-14b9-551e-ad63-deced49b0b98", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty.aggregate:jetty-plus 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0fd572aa-2e80-5291-b5ae-daba4513d432", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7eb38887-aa4f-56e1-93f4-ee184b92eb98", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0556d757-b122-5aaa-a9d2-c2837ab18b21", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ea9f36e-a05b-527a-b171-4a67856961d9", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24c04452-eb6a-5627-b95d-ad4572a1698f", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d50451f-0b3d-5d56-af1a-7e9aeb1254ee", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84a905c9-e251-58b5-bd65-3e4a898e4aad", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9d2f2e7-2273-5de6-9344-1da6a2118acf", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55e6d84a-6a44-58a5-9365-814ebb2b16da", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d3f1186-16ea-5a5c-899b-78437e563181", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8b29b5f-a40b-5f21-90cc-40e5b5e2880f", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c20a345d-5647-5b42-80bf-1174d5b1acde", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:23a0541d-6efa-58d1-8c0b-7e098e19b4b1", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9c66c40-c33a-55bf-afc8-8b9954f62336", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-plus@8.2.0.v20160908-tuxcare.2" } ] }