{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7244b8b6-76fd-59e3-af64-abd1c4a8bc48", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-jsp", "version": "8.2.0.v20160908-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c097badb-f261-591a-8ff9-9781eb281032", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty:jetty-jsp 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89f09476-94b5-56f8-b772-37cd642c677c", "id": "CVE-2017-7656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7656 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a61cd3c8-520c-53f1-8a69-93825e1fc403", "id": "CVE-2017-7657", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7657 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16256655-137b-5445-b4ff-30fe91becd67", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef63d7b9-6381-524a-98d7-df31311246e5", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06525959-7df9-51ce-addd-811c91fe12b5", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce91b127-29e8-5692-8600-b812cb69ca6b", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a28a49b-5033-5abc-aab3-f282dd87b5fa", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61b83677-1de0-5ab4-97f7-3f80a46fb63f", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23b1df2c-d349-57fb-8731-c887a28f9715", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d3546c5-3181-50de-ae91-8b783665b8c3", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d8a7102-f80a-5167-81a6-78d8f7974609", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90ae5444-9d06-5d17-aea7-e7741eee876d", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ea3e0d1-ae5f-5b6f-bc2d-2019b3759450", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2016b1fc-41f7-52a6-a532-8f9907b94402", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty:jetty-jsp 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b5fe726-9fe7-5e22-83d0-e7134b2e829a", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty:jetty-jsp 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41ae93b4-c24c-59b2-a249-4b02f41c41c7", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e3552e7-6fe4-5285-a402-4b166ce4b60a", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4dde726-9913-5e7e-aaa3-4e872a943de6", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty:jetty-jsp 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0ad3c3a-98c4-56fc-84e0-a8114204f563", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d80b194a-a3d2-59f4-b5d4-8ea76ec1f064", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63046a56-3b49-57fa-bd83-555594992188", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5dee21b3-271d-5550-8b34-a7ac478cb20e", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba23a49c-a4c3-51e6-99bd-92859f1396cb", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91e4cdf0-b221-5bfe-9ad9-af5b8ce23ba6", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7531dc4-9664-5e51-9d8c-c2afe16e722d", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45fc266c-2767-53eb-99fd-92bdd6907820", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7ba7b91-49cd-5899-ac1b-4e3aacc61374", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29e5fe21-94a0-55b6-b203-6333ec16b977", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f75585a-de2c-55e7-9c0b-e3a74d9999e3", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b28c60bf-01e9-584d-b9d3-0f2b1ec47d67", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5230fbf6-bcf3-5e34-8096-19a5dbfabc77", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3767f07d-7001-5a6c-940d-21248ada79de", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jsp@8.2.0.v20160908-tuxcare.1" } ] }