{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:242bfae4-5bcb-5d3c-a6fd-3046882bb875", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-servlet", "version": "8.2.0.v20160908-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fbfb05a4-f902-537f-b9b3-75eb940952fb", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty:jetty-servlet 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6e14783-7d02-5860-90ba-bf22209f0151", "id": "CVE-2017-7656", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7656 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e74e859-b536-520f-8213-90890ff62ac7", "id": "CVE-2017-7657", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7657 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:607d46c4-2830-51cd-8ac3-e140bd30cdca", "id": "CVE-2017-7658", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7658 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39ea439b-8bb2-5fe3-adb3-913227dd747f", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5057cd0d-04d1-5ff6-b489-3566e861a5d8", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce54c2c1-28dc-5371-a224-4493e17e99f9", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce237d74-a60f-5b52-9fa4-1269c79c9dba", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc155d63-d54b-540a-b247-b281b1d14565", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6a686db-d0a8-548c-a2d1-436bb97de88f", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e867eaed-a432-5d58-85ef-b701d1f6d4b0", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cdf45ea8-e83e-5498-ab8a-2cb943892ac4", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:167c251b-425b-53eb-83c8-d3cdd033d8ca", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06193d7b-a27a-5d95-b90e-7a633b6921e8", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c309c74-144c-5e7d-a411-4436738a1bc1", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty:jetty-servlet 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:960459b0-5c34-5baf-8ddc-9dbdf8c51528", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty:jetty-servlet 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78e607ba-4a70-53dc-b88a-adaf4e4043e1", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80c63eb8-5da4-5621-bd12-93ee8a631373", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa855020-b03f-5f86-b449-ae0110767bad", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty:jetty-servlet 8.2.0.v20160908-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69b6c8d2-5be8-5acf-83ae-b229cc78b54a", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91808da1-5ceb-5c97-8d5b-06048b2fa164", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1b5f64f-b5dc-5580-a7d3-0d0f9880d23c", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c82b83c7-e94c-5423-8b23-549e5bbb245e", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a33b205-6db9-533f-80cb-44d6d05ebdb2", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb592e1c-aa17-562c-9525-db69da05fe31", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:069e415a-f1fe-5c45-b2b0-4474306e9ab0", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d07dbea-f21b-519b-ac44-2a17d5b0ac94", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37611cbf-5f64-5164-829b-8bc2301a3bdb", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:332dda76-ba75-53d6-b044-c0f9508eea93", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b22ddacf-f6af-5309-8213-6aacde9bb555", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e65f3ef-b45e-5681-a2c5-7da44cd9cc64", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7eeb9cc8-4cd8-5547-bb9a-f3dc9ceb8509", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7f3c491-ab6a-504a-91ca-61fa3f9bd8cd", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.2 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@8.2.0.v20160908-tuxcare.2" } ] }