{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f16645ac-49b3-557e-9476-2c0179e50533", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-distribution", "version": "8.2.0.v20160908-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:27f5adcc-41aa-5927-9e93-550b40ba75bf", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty:jetty-distribution 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3e860e7-2e5f-5747-b95c-0cb27926b318", "id": "CVE-2017-7656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7656 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:44e90cc8-ac5c-55ee-b8df-6d56c52ab282", "id": "CVE-2017-7657", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7657 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:531a717f-d4da-59ac-a182-453533a85085", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:274b51ea-8cea-5d56-bc06-506050c7f366", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56979248-2f13-56f5-8f56-74362dbf6c01", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fba325cd-35b2-574e-87f4-bab6f7afb23a", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b1e7fe5-2b2c-5151-84ee-c6ba40a296e8", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:587d4310-dcda-5f43-8944-df8c34d0f113", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:686be682-6c51-53da-a6c3-997069e2c71d", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fefbdc4-89a5-5c30-8663-3c93e4a5a199", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f603c25b-8299-5ae4-9748-8ea13a5e2103", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:619ceef0-6a31-5784-9a81-f810a8e5c55b", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27daecf7-479f-58ac-92cd-eabce74bcecb", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abcbed90-94fa-5bc3-9f58-7f4b25719892", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty:jetty-distribution 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18644c96-6162-55e8-a261-43b88cec1275", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty:jetty-distribution 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:991ad819-4f73-5914-9e5b-3e488ff7089d", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba6962b0-c89f-55c5-addc-fa89118740ee", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:050e567d-0cf1-5c2e-b3de-c98221baaf8b", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty:jetty-distribution 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a199a7b2-ee48-516f-9fa5-3c398cb13b59", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb734f32-ba6c-5e92-a3f3-afae104ff8e3", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b0e2097-6856-56c7-8a6f-33bb3a4d4033", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:065a3f00-f7e9-5f28-bbc0-d214fe740e3a", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:899257dd-aa1f-54f5-a3cb-953b0186e2cd", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae3dddae-78f4-5365-87ed-3094abb6e2ec", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1885a14e-5d7d-51b8-ba56-9934db1f2cd5", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9773c47-9841-575b-b388-83bceb1f3447", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a690658-ba8b-5775-b1bf-e17b1e50b4da", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0bfc899-83f7-5607-8219-c44ab1676882", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0109874-4714-567d-9942-f6aa4f8e3f1c", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f19edd01-173d-5133-9e21-0908a9315df8", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eea31d3c-9426-5e89-b017-e6780ca99be8", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8646a5f3-c34e-5320-b3d3-180534ef6b1a", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@8.2.0.v20160908-tuxcare.1" } ] }