{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:abe9b102-791c-5dea-9647-5974002066a0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-http", "version": "8.2.0.v20160908-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fad30d98-ac5d-5f90-ad5e-5036ff0d09e8", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty:jetty-http 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c458de4-bf7d-58de-a618-f821092b2e7f", "id": "CVE-2017-7656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7656 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f62818d-85ff-55a3-bf17-ab8d00b53eb3", "id": "CVE-2017-7657", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7657 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53a1c664-1ac0-5f46-b824-3333636b0177", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4887893-82d3-546f-ba39-d187377d4849", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:47721c7d-329a-5268-981d-a1fc800d6f69", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:13d35789-2a66-56a1-a6a2-6ce1e9e7bf84", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3012260a-4702-5aea-a15b-8fb662d79a78", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d212fc4-b5d6-5d93-9a66-050ba2b585dd", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d743367e-e3c8-577c-accc-687a6d9da4d6", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05354d26-7082-5e81-82a6-2aca977dfe0b", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2bbd7279-be0e-5f1f-8bb6-f8493d93b2db", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2bf7649-b037-57cf-8002-2f9c9b5d55f3", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92818721-7dc3-5e0c-bade-09b414191942", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32a865c8-8017-5439-9e85-eab7210284e9", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty:jetty-http 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04d5dd7e-cdd3-520a-ba03-2754700eb3ec", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty:jetty-http 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:212d3633-345c-56d5-b1ea-83f7647edacb", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96fe096b-abb1-5a6a-acc1-01ab1461b325", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b56b3e69-7b3b-5b4a-afd7-3a95255350ef", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty:jetty-http 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7c154a5-d068-572b-aef6-d24c67bf5cf4", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b37fa60a-b346-54b1-b297-7a483b048f2a", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f444f8a5-9019-5564-9f04-dc938b286707", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b8d7cd5-ec89-5904-a2a8-f4ac30012d4a", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4bb88cef-3159-5f16-91b3-27097555181c", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:138ff4ac-1bdd-59da-9e82-1781aaedfca6", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db276874-f5e6-51a6-8487-78bb463a0762", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3fd61d63-29d9-51d1-879c-38525026b048", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46a86e81-cd0a-5047-a440-f0b3a3fa3087", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2e31709-420c-563d-9b4d-7f49dfdb2ec7", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df8dd109-3a53-5391-9d97-7239e7182b56", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3420493b-2a6a-51eb-a545-57cfd20f67de", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7c13b47-6ae1-5de8-aa4e-60bfb2ec5f83", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61d50efd-0c61-5292-8c08-9cc1ed2920a7", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@8.2.0.v20160908-tuxcare.1" } ] }