{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:485932cd-1b0e-5e29-b4a1-11c6cee014f8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.spdy", "name": "spdy-jetty-http-webapp", "version": "8.2.0.v20160908-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:73b147d0-bf15-5741-970e-6ac8a3f24bd8", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty.spdy:spdy-jetty-http-webapp 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea790ba2-b717-5bbe-b30e-2b5ffa6cb782", "id": "CVE-2017-7656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7656 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c28ceb65-a141-5f95-ac53-3b2720601364", "id": "CVE-2017-7657", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7657 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23dad15a-b8af-501a-a242-98697ee90592", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:605e9912-48ae-5c08-ad6b-5af4919ded4a", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:391ea1d3-bcd5-58e3-abf8-768926aebe57", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f40e227-f553-557d-9843-1f172506f26a", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c369a54-31e3-5a41-9e44-df54612a85a7", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f55872af-76f2-5ec6-b858-527b2a8ce8ae", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9a304ea-87bf-5911-becd-c35943d674df", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d494b54-b11b-5fba-8ec7-6bb5b41a9003", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a380e96-7d9c-52cf-918e-51066684b7ac", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abd564d8-a29c-5b15-9e63-1298bfa83076", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d915a2c-c022-54b5-b477-721f6759f2e0", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:638a8761-d0c7-54ab-bd7f-2d7fcdd22bc7", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty.spdy:spdy-jetty-http-webapp 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cec18aa9-a8f5-59e5-893b-25fe5e4bf1ea", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty.spdy:spdy-jetty-http-webapp 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5950bc50-924b-5331-930b-13523cda934d", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0393414-939f-5804-9db4-7863c0795a0e", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd5b0ff1-560d-59b3-979f-4f54ccc3ce6d", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty.spdy:spdy-jetty-http-webapp 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:81a9e9a2-a059-536c-85b4-b8a2a534a430", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b784ce68-2741-5996-b5c0-32cceb755128", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a762bc69-5920-5282-9880-1e3f57651473", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e7d3aaf-635f-5f6f-9562-ed6e5a7382f0", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71383737-2a2a-5032-af75-ff74091dff9f", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e1ffafc-3462-521a-91ed-5ec72cd03df8", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ead3e849-e313-5bcb-b55a-e0d5d325e4d4", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:873873b0-3945-55d3-b56e-8cd7e63ecd47", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:693e1f15-f595-5e1c-939f-919d355863d0", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46c6beff-c320-5a2e-aa39-be51b590876c", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28c741a6-8ec3-5fd1-b1bb-86d141aa9b95", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1013068-655c-5bd1-a4f8-ab0ea9de352a", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dfedd746-371d-5648-a3fd-3ce95041ded5", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69cf8041-1b33-5178-a416-91d3453dabc7", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty.spdy:spdy-jetty-http-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.spdy/spdy-jetty-http-webapp@8.2.0.v20160908-tuxcare.1" } ] }