{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:84adff24-c979-593f-9d35-d2d989fe0f5c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.aggregate", "name": "jetty-websocket", "version": "8.2.0.v20160908-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:22b22f72-b4b6-5100-adf7-6690ebaade2f", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty.aggregate:jetty-websocket 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04cab2ca-301c-569d-9347-2558baa6cd58", "id": "CVE-2017-7656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7656 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b1a1e2e-68fc-58db-b52b-bd2db1220558", "id": "CVE-2017-7657", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7657 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ba4fbb6-6810-5ada-9d22-30cdcb4ba058", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee63551b-151b-50c9-8c23-b2314218ace7", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7229d145-e8d9-5539-a578-a3ead47f2a3e", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f113227d-6cc9-535d-be1e-f5871bf9597e", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5b5b9d1-76d4-547b-91bd-66ad842eb26e", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab71f791-4ff7-5c80-a3d8-7d89a2366443", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:277c8576-b791-5148-a4f0-a5b074e056bb", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ede10b2-3d01-5cd9-81a1-6b71a8806a9d", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc6633af-65e5-5d3a-9e6e-20a9bb613284", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad9e2b30-47fc-5a57-8d39-20a002551a3a", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:daa74b8c-a850-5830-8821-4075928ba29d", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd91d199-61a1-596e-9271-e6c4948a0c85", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty.aggregate:jetty-websocket 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:592d91a1-f55e-57ed-b266-f5b6b5c9d5d7", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty.aggregate:jetty-websocket 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8a668ef-4e38-5989-9263-efab66ac62fe", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7446960a-f299-5871-928a-2c9787af074e", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbe2ae29-efa9-544c-9c40-15b754b746c0", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty.aggregate:jetty-websocket 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0cab692b-52b6-5bdf-acf2-524427639065", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e14881fa-1268-5e83-9110-719049e7640a", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3ba4ed4-6d40-55bd-8b42-96edd3873da7", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3ca82ea-8305-5b96-b639-c6c79f5f66d3", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e55d375f-bdb6-5928-a5a7-e95cdb694c3e", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c6dbd0a-6f2a-5738-bb43-f3c0dc3e2587", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da3ae824-be7b-53aa-856c-fb2d54dde745", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1eb9733d-5471-55e9-b8c5-90b549b0aa26", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96538a73-ea47-5d2d-a4ef-6c45c191c486", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a854dab2-f285-5429-939e-688a0628d560", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89bcb50d-1945-5e7f-96dd-f8833a764152", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7eb224c-881b-5eaa-b07a-74e29a87ab24", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d970f5b-fcd6-522a-bf10-db75d5776fb5", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:064103ff-7225-55f3-9c97-4d19ee477999", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }