{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2166677f-47bd-563b-928a-85d8e725c51b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.aggregate", "name": "jetty-servlet", "version": "8.2.0.v20160908-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:31c4c5c5-59d5-5ac8-a9fc-f20a773045cf", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty.aggregate:jetty-servlet 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1af55b82-806b-58f3-a91a-536bbc56f1cb", "id": "CVE-2017-7656", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7656 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b9ddee2-dbb4-5c51-a322-2b0c17f0338f", "id": "CVE-2017-7657", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7657 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc42e6bd-5f90-5053-bdcc-83f003f1b30f", "id": "CVE-2017-7658", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7658 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43077463-66cb-5ada-9f96-7b62bbfdb545", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef726de0-fd79-5426-840d-12ec6aaba267", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:02e89283-3fc5-5f70-bd5d-a383c130ef38", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ff73a7f-6cd4-5a0e-8005-af474abcd3e7", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f4af860b-2439-5ec7-9705-ad1b046b7043", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa0e4ba2-3726-5d33-bdf0-8117251b85cc", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5996780d-54e7-5728-b8d8-7abe2e7e89e3", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29df11d1-192b-5a9d-b274-c3539560f289", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da5b394a-7e7e-5572-80b6-a410a9b1598a", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb97edea-65e1-57fa-a32a-f79b92fba53d", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4500c44e-8e0a-5a5e-a04a-85a92e70e401", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty.aggregate:jetty-servlet 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bc1afd3-200a-5e06-8547-08bb4f5da7bc", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty.aggregate:jetty-servlet 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a92270c2-0848-5c90-a6bd-5d1e5dea3bcd", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57014330-e78f-56e9-b89a-0e0643593731", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1043e3bc-383c-56b8-8b3d-4d0c1b1cdf0b", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty.aggregate:jetty-servlet 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:440d04ca-0518-56b2-a868-2794710845fe", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b0cb182-90d4-550c-ad6e-fac01d908fcc", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3fbdf53f-6df1-592e-9c01-a120c9cdea05", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:894067bc-d172-532d-9745-b8970d718a86", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59af983e-32c3-5c50-86bb-f09a1f0c29a6", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aac6b77e-5d0f-506f-ac1d-15575f7c52ea", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79608040-0053-58a1-8e52-bce1f163d9e8", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:23b12551-8c3f-5ca4-abcd-65e7bf61b77d", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9310ae82-dd6f-5238-ae01-57bc289fdc77", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d79612b3-88e8-5ed6-85ef-09ed560e8501", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3fef212-4bb2-5e74-8778-faa946456f16", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5f249d8c-e034-5b46-96a9-2cb4e7a73789", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6501b65-03f9-5c0a-a361-74b1cec5fc79", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:051643d1-1a14-5c30-a47a-7cc4ab68d801", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }