{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6766cb1a-1726-5b0d-b069-d45b1845d99d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-http-spi", "version": "8.2.0.v20160908-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:54281c91-fa6e-57f0-ad95-93ab2d10078d", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty:jetty-http-spi 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8f1ce73-8baa-538b-b642-1f27063d45cf", "id": "CVE-2017-7656", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7656 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c23ceb2-6178-50a3-bf33-9b0d1cdb93e1", "id": "CVE-2017-7657", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7657 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6fdcbaf-809d-50bf-bc4a-d6539e80a92c", "id": "CVE-2017-7658", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7658 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3837663a-3cf8-5dcd-aece-2428bd20c8d9", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:58e35e3e-cf13-5fef-b870-50c04c5ed54d", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6bcc7b4a-50f6-5d08-b2bb-05b74c00a0a3", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:366f2d5b-94ac-536d-9e3c-f813da253697", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c01ada60-c5ba-54df-8301-b8dc2d2d0398", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2ae6868-b54c-503e-bda8-f3a99f64ff02", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8853d2f-267f-54cb-b019-d7bcf2a39d84", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b333373-ddda-56cb-b504-cf7940a82780", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a77f76e3-6431-5449-bc73-2cb4e06ea5be", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:54c12d88-a414-5595-9302-7e1a73fa469c", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f965b1cd-1099-5a04-a88a-fefc28601bcf", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty:jetty-http-spi 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d700fa0e-a35c-5e76-92d9-3fb20a3d8939", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty:jetty-http-spi 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eec69d23-2033-584b-8861-7422638a108f", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa349d39-b7a1-53d2-826d-0617f14ed91b", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf057363-0653-5d7b-be72-d4f838849615", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty:jetty-http-spi 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:493d29d7-9550-56db-b391-ce9c9148b4a9", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51633529-aaa6-5f75-bb74-18c9d0253abd", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd0258d1-edd9-56d3-999b-d43369897ae9", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cfeafd6f-a6d7-5335-9a52-d9f23c6f0d68", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6be8d56-65e7-5a5d-9174-736db69922a1", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7eaddba-386e-5004-96f1-4f250f9b489c", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b54343f7-68a8-5099-ab90-10e17c1e966c", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:11d39dff-4ca3-5a7d-9420-95dfb7c34eae", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6d2a1d41-c229-590a-a2b0-c54d93dd123b", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e8699a88-85c5-5ec9-a622-242b0e39078d", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:265e3d2b-c782-5fad-827c-0fa6fe4dbaee", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6209bd7-a9b1-5a8b-ac35-781efac31ac1", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b124e7b3-9386-5428-92c5-7bb610b02fd0", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4910d5e-e430-5ac1-8c5c-9615eee1add5", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@8.2.0.v20160908-tuxcare.2" } ] }