{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7318b7e3-9ef0-54c0-987f-b00d64b47667", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-ajp", "version": "8.2.0.v20160908-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:91f7aba0-044f-5689-8bd2-3a85c788f3db", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty:jetty-ajp 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:900354d0-21e7-5fc2-83f1-c2d955d5c6ab", "id": "CVE-2017-7656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7656 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a622010c-5296-55fd-b97c-9a675fdb63e1", "id": "CVE-2017-7657", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7657 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2263495b-5424-5091-aec0-2fa1c9d034be", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f88750e-aec7-5262-8a22-e0a5c7005d88", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b511aa1-de91-564c-93ee-5e23a0b5d7cb", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23588742-44f9-5783-b7d4-ff194bcc3661", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3532dcb0-5650-520b-b85d-a03d94942a1d", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9b52653-79fc-5bc0-a811-abaa74d36cfd", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f677775-0171-5982-8942-5f6cf8470319", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02717c3a-43ef-5221-9b73-422739632bc3", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b1ed8c1-11e1-5b5d-b5e3-413ea5e83d45", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c12d55a8-8268-5ad4-95ac-e33d91b49624", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64e966c3-a7b4-5b7e-8da8-f3372ab82cd3", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79e46670-a476-5836-9e49-83eae7f7f0c0", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty:jetty-ajp 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eeefd376-8f96-53b1-bcf7-8ef95450631d", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty:jetty-ajp 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24dcce12-e9db-5e16-ae93-f3a8d0b13ccb", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49b08eea-e1f3-5b76-9b53-217bf6a6fe15", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82dd6a73-d2c2-525d-b9aa-76c9f180367e", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty:jetty-ajp 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb9bcb18-ffcc-5192-a4c9-0b2833eb8e96", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1a15e50-d7dc-59eb-9453-964a61a3f334", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b977784f-d13f-5ddf-8f98-ea53c9a1b4ab", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de69496f-65b6-58d8-a938-31caa4380fe4", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e0afcce-8567-5d66-a8ea-bbb2641448f0", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d26cff69-9f34-5d27-9cc0-fe9dba34b364", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2791f097-4e56-5d29-95df-db77a6ae5cda", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0a1db2b-8ead-5fa1-abee-4ab67758cab1", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88b2f83e-8246-5e7b-b0c8-d9f4fd994513", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8160d74d-e93c-58e6-b74e-2516f29db759", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b909a95-e265-5ec3-a624-f51c15eac6f3", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb05c177-f860-52d0-ba2d-5e6dd690887b", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d886dc54-5323-514a-87a2-b706927e7be7", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3371644a-b5eb-5d4c-91f6-98d2d5aab42f", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-ajp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-ajp@8.2.0.v20160908-tuxcare.1" } ] }