{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:eec426c7-7fcc-5e6b-9c7c-96e8fe3f0a10", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-http", "version": "9.2.16.v20160414-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e9bc8970-7ea5-59fb-8e4f-f8c48c0286ca", "id": "CVE-2017-7656", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7656 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26cf7e33-6e49-5fe7-98d1-1039f90214b2", "id": "CVE-2017-7657", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7657 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5aea0183-1c7f-531c-a75c-ed55b0289f12", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac34028a-cad2-5ba9-90fc-a0c85f6bf94d", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:699477d3-6f76-577f-8d38-0e2c00c0ec3a", "id": "CVE-2018-12536", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-12536 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9188412c-21fc-5945-a570-8b84e3fc7cab", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7927dbad-dd3e-557c-ad7e-e0a8eb446f87", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f3997897-3499-5dcc-b523-88eb13422606", "id": "CVE-2019-10241", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10241 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb0cc9c2-7046-5972-8806-20ec7da5f430", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60f06830-6920-5235-a175-1f24bcc3418b", "id": "CVE-2019-10247", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10247 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f28246a6-74ee-5342-bbd6-73df15e8cce5", "id": "CVE-2019-17638", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-17638 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87c8cd6b-f029-52c6-bc30-1d32379a953e", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d84f43a1-40f5-53a8-8e72-65d9f60e8d19", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5cbc904-8ae6-51df-8f58-ea4ef9fcafe2", "id": "CVE-2021-28165", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-28165 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6a0a857-9e25-5f19-b211-5ee407853b57", "id": "CVE-2021-28169", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-28169 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:958e4309-f70e-5915-89b9-1681fd5dce33", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:957431e2-d6d2-5583-a22c-029c45cd9623", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4a4c50c-81d4-5aef-a735-f67db1d1cc18", "id": "CVE-2022-2048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2048 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9515b1e3-5f34-5595-8651-e34c1be61e06", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:62423e3c-9bc0-59db-b28b-348c40b236cd", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ebc89eb-eccd-5851-b534-a4351cd60694", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e5b8361-2956-5669-99b1-805d9d7a649d", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4aad3f3-cd6e-597b-a16c-b92ad606267e", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8420574e-d97b-504a-8235-387d6852051e", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5d6a100-3ef8-5074-915e-73e52a675a49", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5116128f-d244-53a7-99d3-5a535d046aac", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99a186e5-1a66-57bc-b48c-043c054d9410", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53427bff-6897-56c8-af11-a816ea59a061", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78d0890d-b57e-5a53-8fb2-a1fdc5029a82", "id": "CVE-2025-11143", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2025-11143 does not affect version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http. Jetty version 9.2.16.v20160414 is not affected to CVE-2025-11143 according to advisories." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c47c23e-bf77-583e-a65d-bca2b68e413d", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1a7c066-1f21-5470-8940-0610e96a0fc9", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4c2c8e7-d9dc-5e08-b807-651b8bf0e05d", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66235a6e-a7a3-5321-a7dc-b65c05f03e67", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@9.2.16.v20160414-tuxcare.1" } ] }