{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4d466a38-cd68-5881-98a0-9f3098efcc00", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-jndi", "version": "9.2.16.v20160414-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c0a6782b-73fe-5887-a11f-b24fae0a5907", "id": "CVE-2017-7656", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7656 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0900be5d-653f-5152-a390-c7a52a302f89", "id": "CVE-2017-7657", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7657 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64d0259f-3ad6-586f-81d9-950b587b44d3", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:090a64c1-b651-566f-9559-d46505fdfd7c", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a3bffb75-315e-537c-a400-0a80e4d899e9", "id": "CVE-2018-12536", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2018-12536 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef934888-1ea8-509f-bc67-4208e4adf3f4", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e7c4d40-3801-5d79-b9cd-902b2aaee160", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3432d27-4c35-573a-a1c3-c032a48a0253", "id": "CVE-2019-10241", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10241 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5f0bbd8-beff-57b4-ba4b-730fcf501164", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d2044a8-37fc-5a01-a3fe-de452fc9bfc6", "id": "CVE-2019-10247", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10247 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5b975ae-f502-5ffc-bee8-7d02cec97310", "id": "CVE-2019-17638", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-17638 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d46ce49-4774-5b3d-9ee5-6f46d94fb10c", "id": "CVE-2020-27216", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2020-27216 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c81d8176-2831-5046-b154-855e46850a29", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9e2b824-e039-5b30-b788-7b37168dfebe", "id": "CVE-2021-28165", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-28165 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87cc4bc4-0429-53e9-9739-d5d86c527f9b", "id": "CVE-2021-28169", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-28169 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68dc5af7-6fbe-57c6-965d-c85379b87e84", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41ebca32-fbd8-5e23-8d16-1e56712cabbf", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83375f6c-561a-531f-8ce7-97d38b3ffb18", "id": "CVE-2022-2048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2048 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd13ca4e-c946-507f-bc74-95b6a3f04430", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73a535fb-fa03-52ef-90d6-f06ce5b8032d", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30675ba3-fbeb-59f2-8c82-ee2ccc233012", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d30965b-abbf-5d7f-b476-59a57beb8652", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:810416f3-955c-58fe-8690-84ebb89f9ab9", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb0320a9-3489-5837-8f79-6d9021faefb0", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d4747bc-8da6-5441-b9d0-573c916e04ff", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1025c929-0406-5e61-b201-4f39889ad37e", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:afc0ac88-c256-5f39-a628-570cb0e4fc88", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:047e41c2-db17-5025-a755-983ccfb6acf1", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72486bb2-80c1-5a5b-b7e2-f3f044d6c94c", "id": "CVE-2025-11143", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2025-11143 does not affect version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi. Jetty version 9.2.16.v20160414 is not affected to CVE-2025-11143 according to advisories." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4d9e730-fa3f-5cee-8b39-4725a4cbdb48", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9606a56b-9aee-5b31-af7d-833b3cf3492c", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cfdecced-964c-55ea-83c0-b8fb2802c3d4", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:592ba545-9b07-5d38-9fe3-0a13e97a5598", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.2.16.v20160414-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.2.16.v20160414-tuxcare.1" } ] }