{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:30e7c70a-55cb-54c9-8c7c-b9b65adb9f51", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.aggregate", "name": "jetty-webapp", "version": "8.2.0.v20160908-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:339699e7-0c69-5385-8dee-65b9cdb71af7", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty.aggregate:jetty-webapp 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc7a4bf1-db74-59fe-a6c6-935d67da35d9", "id": "CVE-2017-7656", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7656 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98ec733d-5e1b-59d6-90b3-3043ca0fe594", "id": "CVE-2017-7657", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7657 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c717cf4-78b0-530d-9ada-ee480612c8f2", "id": "CVE-2017-7658", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7658 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76e13cad-abdc-5fca-a90a-39a51e76b933", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90fff19d-0b15-5ac9-b7ad-6a1c5fbb137c", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d8532da-bca9-5129-a3d6-e9fbc8f60205", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f042e094-ba81-5af1-9f1e-7cab5767ffe2", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04352a5f-422c-5aff-afa8-f6c1e0c22f1f", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3373c0ae-ef3a-5426-a6d1-24b3da500f73", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:56841adb-6fee-55a4-95a3-2394f2b80be9", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3bee14d-66c8-5cf8-8f3f-be14af4c9719", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac5a3491-ee3e-5fbe-baaa-7b81b8572353", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6678ce7-d2f9-5a6c-b288-66a6d7b185fc", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d3c7ae3-5be8-51fb-a015-de8a920669b5", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty.aggregate:jetty-webapp 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6bbba862-38b5-51cb-8c66-ac170d4c5e73", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty.aggregate:jetty-webapp 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91c77d6b-4e25-55af-8560-85aa26ef10c2", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba8effa3-1b04-592d-8fe0-f99d334fe048", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b19b8522-d6fb-57f6-966a-f02363d719e3", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty.aggregate:jetty-webapp 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf4aba3a-6f02-55d6-b4f0-0fb1e768fc2f", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d524526-10fd-5c75-a0b1-e842a9cd2f77", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:baa298d1-690d-5b47-b152-5726345d0809", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69a2bd2b-f77b-5d41-8ff1-6432c36e7a8c", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5cc07f9b-a0f3-5280-9428-5e0edac7a9ed", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb40236d-2a94-5a70-8a68-cc9cbc32e232", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7a764b9-15b4-5983-84d1-bbe1ccc98f62", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6425b3e-a162-540e-924a-f5f62c4dbe5a", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc14805d-c114-5be0-bdd7-7bc1cee536e3", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9859624c-391a-5395-bbd6-e716a80f7ced", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ed9d259-ef37-562b-932a-d8e21d6d48b1", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7aed7fa-2d4e-5158-b7d2-261877910bfe", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:416a7abb-f8dd-5644-add9-a534652d1f7e", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e2204eb-6a54-5236-957a-324a7d78bf6a", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-webapp@8.2.0.v20160908-tuxcare.2" } ] }