{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a35d52e5-9fa8-580a-a7e0-ccb54aa9a5da", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-servlet", "version": "9.2.16.v20160414-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ce157cbd-f7ab-5574-89b7-ae54c910d97a", "id": "CVE-2017-7656", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7656 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cdacdae2-cee3-5100-aa7e-f3585c5913df", "id": "CVE-2017-7657", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7657 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e090cb4f-a71b-5334-be88-931ad38119ac", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac37bf06-a26e-5362-bd00-59f858846d40", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9911bed9-12b7-5b65-a769-1af1f4183045", "id": "CVE-2018-12536", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-12536 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0ab715a-d9ce-5484-989e-4450836bc5f8", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5669ee78-8bd3-5aa4-a9e7-404cb0c8e045", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38aaf49b-f259-5f60-b7cf-db5518dedec2", "id": "CVE-2019-10241", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10241 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2e4aebe-0b23-50aa-a800-f4131ce306b6", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b00179b-078b-5cdb-98a4-0f2594143f32", "id": "CVE-2019-10247", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10247 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17a9ece6-b4c6-5ffb-8608-5d9e27d9f72d", "id": "CVE-2019-17638", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-17638 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9205c6f-7563-52cd-9bf2-7b2e28d1ecd3", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17b42265-2e0d-5fe4-b809-9d62a71d050a", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:433210de-e595-5412-8ed4-0591141515b2", "id": "CVE-2021-28165", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-28165 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04a96984-4f01-5e7a-a5b1-36cc62043bc9", "id": "CVE-2021-28169", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-28169 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:210916f4-c1f2-5889-971e-db113364d438", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:13d280ae-1dc4-5e09-b096-f429d282b985", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb73c874-6121-5932-9ba5-ecbb4fcf0337", "id": "CVE-2022-2048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2048 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc6bd210-db31-5284-837c-6ced75f011e5", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c30846d0-1069-59e8-962a-a5797d1b59eb", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4445dcac-9b83-5547-9da8-ab6e433cd3ad", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9576dbf2-0fe7-5623-93c0-e1eaa855dbfd", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:610404a0-f8b0-5135-8603-ebe372e1f3a9", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46fd4e48-794e-5dc9-8c9d-d5bf49bcb69f", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:032ae5d4-288e-55f7-adc9-1bfd0adb6077", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb0b0ea7-a3af-56c1-8d4a-c044c6339b11", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f734bbdf-4515-5eeb-9fa8-aee7cd79fbe9", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c982e9f-26b5-5490-9045-7400ead329ce", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f968dbce-57fd-50e2-a7fa-263330d8ebe1", "id": "CVE-2025-11143", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2025-11143 does not affect version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet. Jetty version 9.2.16.v20160414 is not affected to CVE-2025-11143 according to advisories." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:210516a6-d963-5aaa-827f-2f40729a9924", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33ba2206-2391-5c63-87a9-a96c01e4d5e5", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7bf36885-fccb-5592-a58c-61c551819a40", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4185ca6a-a156-571b-9075-8cab3c4265c8", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.2.16.v20160414-tuxcare.1" } ] }