{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c92929e5-a69b-562c-9f84-7afcebffde72", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-policy", "version": "8.2.0.v20160908-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:32e67b9f-b27f-5603-91e7-330b75ad668f", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty:jetty-policy 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ad02ac0-9311-57b9-b9fc-64fb40f36d5f", "id": "CVE-2017-7656", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7656 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1824a6e0-4467-5aa4-9478-2ac26a2da6e0", "id": "CVE-2017-7657", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7657 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b31338c-f745-529b-a152-89920ac53624", "id": "CVE-2017-7658", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7658 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b5933ba-c030-52a8-9d13-a63aa4e31f57", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90911c44-d7a1-5998-a54c-74b19173d936", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd4b7677-a060-5ba3-a188-0660fe86445e", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae59d6d4-e011-5530-bb15-bf0f7881fed5", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:56464614-609b-5d14-8904-b47188c67387", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7d09143-8dfc-5490-98d9-ce31362ea376", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6510163-501c-5f02-a167-0e9838d8b34d", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07eec7e2-ecdb-5fb5-813a-0b4db6e3f7bc", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:868e9e55-9c07-525a-b67c-e305b28672a5", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d7638d5-5453-5cca-a4ab-0e6fda1c81ff", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9200884f-db14-5292-ba2f-ad6cfba1ae03", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty:jetty-policy 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80d2c9ab-3688-518f-9fdc-291d69bb745a", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty:jetty-policy 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e295479-664b-5687-b224-b93d37f26768", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd422edf-4501-5265-84db-613eeaf39f9a", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07d54601-d7f6-515a-a99f-fbc0e0a21d5e", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty:jetty-policy 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97f22f26-650c-535e-bbd0-f426bde6a109", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2fd7b0cb-4b27-50f2-996d-ca429be8b24d", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96271316-282b-5d6d-844d-6bc65d681c32", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca238123-b1da-5c6c-8924-2997d836df8e", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb158425-b521-5e68-8e47-c1a689e5c29c", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cea5f595-3ac8-5d22-aaae-5c9cc57e1610", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0fd41434-4b82-54ef-bd67-669d18e0f8db", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:366dec40-36aa-5413-8783-4e8e94147136", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c38b95b-9cd8-5a44-87ea-83e5f1a8f94a", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a15f7ec2-8280-5cac-95f4-84344ab97ee8", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef3892ab-d0dc-5caa-8203-18cc58010ef6", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75dab496-16dc-540a-97f2-412711b80bea", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:204f7151-d227-5b25-ab41-26d7cbf968fe", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2809421b-72b9-51d6-8569-5107db9d0c3d", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-policy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-policy@8.2.0.v20160908-tuxcare.2" } ] }