{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8eef6ff1-b883-57bf-8098-41c227e795d8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-http", "version": "7.6.0.v20120127-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c1ef17cc-3c15-5af2-8460-e777a8969a7e", "id": "CVE-2011-4461", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-4461 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77ccb3fe-8e60-5110-a769-bf5319e0d5e5", "id": "CVE-2015-2080", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-2080 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60be5e4a-737d-54d1-b146-8fd37311f61a", "id": "CVE-2017-7656", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7656 is fixed in version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7cde1b15-540f-504c-b1a0-05b427d5d554", "id": "CVE-2017-7657", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7657 is fixed in version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7151a9df-1f82-52dd-ad02-73b595bec911", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41abc63d-f729-56b6-8229-b2ca700cb332", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1d66eea-6bb0-5a26-9809-86ce4977df6c", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45c3707d-0faf-58c2-aff5-20f1fe96e664", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad888a5e-2fbc-5a56-9a37-cc3116ec0c8e", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd16bc24-1924-518b-8d48-44af2beb543d", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd11cdfa-5cca-52a2-a8ce-a69806e08dc7", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4f2d9d3-ff4e-5b32-817c-a2596350855b", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66f0e575-71de-5598-8fda-96b7430d75b9", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7eb804dd-aaef-5325-9469-9f48accbc23a", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4b367d0-9848-5557-b7c7-aef2803ec592", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17db892d-23b5-587a-bf94-6aeac2dbccab", "id": "CVE-2021-28165", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-28165 is fixed in version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ce47a8e-8e31-5a3e-b61c-e076cf6bf79e", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:669ed940-350c-5917-afc4-852e6c317526", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d84ad0e-7348-5584-82bf-d87ab6f6ca12", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53a07247-a60b-5328-b026-f2c0b718db31", "id": "CVE-2022-2048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2048 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d83cd87-5f48-5fd1-901e-7b8209ee6dd3", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f0c20d3-a6b3-5310-bde3-4330df2070b6", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74ffce54-0dc2-5c56-afdb-e065507ea3a5", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:447b752e-7208-586a-965c-3390a5bba056", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ebd7a74a-69af-5f92-8453-9612d65f9d83", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ede1798-7cb5-574c-b250-a461878ff35a", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f2b21d0-a0ef-52af-9446-c39b302c0930", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26aff01a-1429-5232-a647-a62404907906", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8218bc6d-6a1b-57e3-9b50-957b429f3888", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83605726-fc77-54bc-bb8f-564f71ef4d07", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2630e47a-ce59-58a0-8c4d-0960f60436ad", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2a73cd4-ed9d-5b9b-a5df-f9edc7237b4b", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c307bdfb-ff84-57da-9f34-9821823900d0", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b651031a-d7ed-54aa-84b6-b2f8cd1f1879", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty:jetty-http." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http@7.6.0.v20120127-tuxcare.1" } ] }