{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:93e4adfb-2223-5555-afac-202a1bb26d42", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-policy", "version": "8.2.0.v20160908-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:845ecf56-f06b-59af-8bd0-a4ea1123e616", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty:jetty-policy 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b03e811c-df27-5a23-8a04-ee2af900170c", "id": "CVE-2017-7656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7656 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cba58b0c-7ba9-51b8-aa76-bee029bb6f8c", "id": "CVE-2017-7657", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7657 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7bae0307-64a8-5bda-96f3-99cfe73750be", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9fa7c3eb-cc4d-50b8-9f3b-be6271361aa8", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db326fca-b855-59d0-b1bb-a5ee6f1edfef", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21398567-882a-5fb9-ba3b-9a85445ff306", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a4beee4-5259-5490-ae49-68326af010f8", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:275083b5-d563-5c1c-85c5-f0408b9d0179", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43d17e8a-f8a5-5406-8539-7fcf794879c4", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:906e18f7-0d32-5632-97b9-786b7c354e7c", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a5fb275-79f9-508d-aa97-7796ff319da6", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d5bf619-3ec9-557d-8d47-7a0401ce503d", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa02c396-fa93-5b3d-94da-80e151ba2ec4", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ff87476-5d11-5373-bceb-080a1c369453", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty:jetty-policy 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fdb88e94-d368-56fa-80ad-383d374d6487", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty:jetty-policy 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee8c248b-e79c-5b34-b22e-156a1d62c641", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55cfa75a-359e-5c78-8c6e-99db03801eec", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84eb3396-8d7d-5335-bec7-0a9d0dcd6970", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty:jetty-policy 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:158fcb33-644b-517c-b7c3-efd4d9168651", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3625bc2-d997-5aa5-8181-b51e74f3099e", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b2ca8b2-56c5-51ed-baea-d12e80b4e5d9", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1d75dc6-b357-538f-a068-48a342dbead0", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6f52ce3-f5cf-5d32-a792-130e6620137c", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21c2d7f9-e481-5ca2-b0b2-6d754cb62072", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b90d22d-ad96-5db0-be18-fb7515265b64", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4381c5ac-ca50-57f7-8324-94326a07c243", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95cb382a-416e-508a-bb42-8bc57dd0a991", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd946cfe-0462-56ff-a5c2-be89c292017e", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d82e182-8f6f-570a-b664-23399912854f", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:965f16e5-e15a-5b6a-8121-c1f7e1613ca0", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba6bd802-4779-508b-a28a-534fa76bb332", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c44c23e-9fa1-5ef2-9371-027a6c1957c8", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.1" } ] }