{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5ebab3a8-302f-50e6-ae2f-47e8add786d8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-webapp", "version": "8.2.0.v20160908-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b18be520-bea2-5e68-962e-4a6d546c1ba6", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty:jetty-webapp 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:510f7725-01b0-5beb-88b6-a7b387378c0b", "id": "CVE-2017-7656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7656 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03363d54-9c11-569e-bd1d-3033f29a67c7", "id": "CVE-2017-7657", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7657 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f3b93e42-14f0-504e-8796-9622a7f40648", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d115776-2879-57cf-8599-0c6af5e9cb3a", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78d05129-7f0f-57c9-b524-110db0792221", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:509673c4-42fd-5418-940d-02ce094eaef0", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:809f492d-2620-52dc-932b-8169e1a58786", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f197b40-3c0a-5887-8743-d8e5ddaaf365", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:922a4551-559e-569b-99d8-aafa1cd7a702", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fb9348e-a332-59a0-8028-267eede787d2", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03496122-7cbc-587e-840b-733c9c720df4", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1110ca3-0d83-55e4-8102-d0eadd2a2e85", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97b036b3-721e-5799-ba7b-2710d17bd7e4", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a499f441-da5b-5081-b937-81e6c2f1fe62", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty:jetty-webapp 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd5c0bbe-a632-5f46-b0e2-b5a1fe199581", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty:jetty-webapp 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9341ee18-462a-5731-9ac5-4f012f4fccae", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29240426-db3b-5c41-a20a-374e8760e6a6", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bef78333-40ad-504a-89a0-c3fc62bc5a09", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty:jetty-webapp 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c94d2666-3f5d-5199-970e-3238e36c715b", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95511f30-a214-5432-ad42-c888681d91f9", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f13b9492-32a6-50da-9316-bee2037e841c", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54559b57-7547-51ba-a6a3-a0b8489f8ee2", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:679fee53-5f2b-5ef8-a8d7-98a7c97678ac", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:319d0e3d-eec7-5c0e-8d83-f301267469ab", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:195ce313-caa0-5192-91e6-d62abe994a3b", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82033b8c-5979-59bb-a335-9724dd1a7274", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad517330-6d7a-5cd7-bc98-949ba29f0e63", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31652768-5692-58fb-afdb-83e2c12ba6b0", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ab5cdf9-49e0-580c-98fc-332e76571a74", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbd2a922-0962-504b-9270-499839d0fa51", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af944850-5831-53cd-8fbc-aea8aef036ac", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:469a131a-6ad4-5472-8d9c-3e20a546bd26", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@8.2.0.v20160908-tuxcare.1" } ] }