{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:eeaabd06-4bde-5143-8682-7b64ea797432", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-websocket", "version": "8.2.0.v20160908-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:07be3a16-4ee4-541e-b0f9-f91dc3027435", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty:jetty-websocket 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a0c2c4c-9af4-500d-99a8-5bb0ee3299bf", "id": "CVE-2017-7656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7656 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f00a0279-f0f3-5ae1-bbdf-a92f4ca22399", "id": "CVE-2017-7657", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7657 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58c09ce7-6c80-5a05-b30c-1f8ae0c936dc", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f219dab5-e08c-5fb3-ae22-41d987c2d2ef", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a329e3c6-a9ac-561b-880f-b75b97f6e63f", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9e90c7d-6eec-53cd-94a5-cf5daf6b4038", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55884765-55dd-52c9-ac7d-d3c599f35845", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02fadc9d-f353-5fbe-8c89-59bbcfc7f6bb", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32cb76d6-a498-5e8e-ab2b-cc81398f0772", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0bb686a-da54-549c-ac37-895be3ed8572", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6497a72d-921c-5047-a8a3-805ce2c512d6", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f85cad5-9459-5b44-b9c1-d7d786b1d886", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21948883-cde5-54c9-b6e2-db14830f4c94", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7753bd0e-0e00-578b-990b-0af470000f04", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty:jetty-websocket 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d29bf88-1831-5154-b426-392a127fe18f", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty:jetty-websocket 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:902ff8e3-5dab-5431-a2e3-7689eb74717a", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f26356d6-e835-5aa0-a860-c8d158057d18", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05271d61-beaf-5aa3-854c-4498a3c6949c", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty:jetty-websocket 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:595eef3a-608d-532b-ad2b-582b32f31ce2", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ceb6de0e-d268-5c11-9a88-435aa6fff88e", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26657dc8-1b94-562a-841f-c0e0e446047c", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8a32b78-ff8b-5aa5-84c0-df73658e7794", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:450ae9f2-91ac-5239-9488-c13adcf2aaa1", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:512f8e61-8d3b-55a1-9f4c-1fd76b446384", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ad57ab0-fc2f-5a7c-9699-f8f686df8882", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abc76947-d84b-597d-8c76-3ddd31664974", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c843a5dd-68eb-5558-9685-e26fac8d2482", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4e13fdd-fac0-53f5-9be9-b6d60e0e1421", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c61978ee-c346-5840-b3c3-756da7543ec1", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c0e989e-26be-508e-8013-d82946492564", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f706d58-f2d6-5b2e-bbea-415ce3da462e", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9cc1c84-2690-56fe-a75c-6f65582d5ea1", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-websocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-websocket@8.2.0.v20160908-tuxcare.1" } ] }