{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9b08e3b7-045b-5a82-83f9-a57584d356cb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-xml", "version": "8.2.0.v20160908-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:50078232-358a-5367-83a5-5e996b273b00", "id": "CVE-2015-2080", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2015-2080 is a false positive for org.eclipse.jetty:jetty-xml 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8fce756c-5e6a-52f5-9513-f3c5a003a71a", "id": "CVE-2017-7656", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7656 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:348bae8e-e5cb-5610-9fd6-468518d9343d", "id": "CVE-2017-7657", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7657 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ffb8202-33e6-5264-93ef-6758159a55c8", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ec06e7a-9edc-5fcf-adce-6ed189f4ff3e", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5334694d-0d28-5b7c-a9b5-386730f59111", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2fb49f8-fa6b-5bec-b5ce-e3a2cb31a1cc", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6e3cced-ed89-5a8b-9d5e-18c182491b02", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2079d35b-dbdc-5ab5-99e3-63f72919c899", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6bce9fb5-64e4-5a80-adeb-05faa870ed3d", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed393869-8c0d-509d-be58-af6675f6f2bc", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a9b1c31-eacb-5585-9474-333e6b9c736b", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e68c773c-fc93-5d2f-b4cb-bb19049162d6", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e6c9c9a-f433-5e82-8b96-dcaf0e34439f", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab5e3271-2e50-52f5-9e29-3b48bee71f7f", "id": "CVE-2021-28165", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28165 is a false positive for org.eclipse.jetty:jetty-xml 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18789ce3-0d73-5e4e-9993-b28c1a344ad3", "id": "CVE-2021-28169", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2021-28169 is a false positive for org.eclipse.jetty:jetty-xml 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc403753-b714-5b9e-bb63-085fa357ce22", "id": "CVE-2021-34428", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-34428 is fixed in version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba30fa9e-5db6-567e-a857-68f1b66f09a4", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d414354-61ae-5384-807d-707ab9550078", "id": "CVE-2022-2048", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-2048 is a false positive for org.eclipse.jetty:jetty-xml 8.2.0.v20160908-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3424cf3b-57bb-5355-88fa-b8fa5f3bdfae", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e92d9805-2b05-5588-a883-6be928ce2bd3", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d35c17e-96b5-5721-9515-994608e3c35f", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49723648-c963-5862-8e9f-ea9327c3a874", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b313f16-5da1-5f74-9732-74af46d31184", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9b5e793-c54b-5a53-9a71-4d417d9712d7", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49f5ac43-5d3f-5c58-91bd-641f5990f7f1", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8bf55064-8b39-5f05-b771-8234108d5294", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3da45484-1bf3-59a1-998f-e640c857f1e6", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dda71ed3-5c54-54d1-805e-326c2e94f43d", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19083562-c454-59ed-893a-671529c3349c", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e071c50c-fb46-5c8a-98a0-af5957dcd915", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d9c5252-9bdb-5917-8ed7-4776a396753a", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:731f6fb2-caa2-58c1-9a79-1f1dda87307b", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 8.2.0.v20160908-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@8.2.0.v20160908-tuxcare.1" } ] }