{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:823e816b-9469-563f-a950-4510ed10a9df", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-boot-warurl", "version": "7.6.0.v20120127-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6d5cba0f-041e-5a38-9151-c73845e50345", "id": "CVE-2011-4461", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2011-4461 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1cfcc31a-a179-5457-8983-c9c4ef8208fb", "id": "CVE-2015-2080", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-2080 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c086a16e-6c7f-5feb-a7ac-84c0061ac914", "id": "CVE-2017-7656", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7656 is fixed in version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abfa244f-0921-53e0-b6eb-d384f9316254", "id": "CVE-2017-7657", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-7657 is fixed in version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbaf869f-12a2-560a-8264-b487508e777d", "id": "CVE-2017-7658", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2017-7658 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1cb00800-52f4-582c-90b1-94110b94a3d3", "id": "CVE-2017-9735", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2017-9735 is fixed in version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3bae016a-3d8d-587c-8d1f-efdfc9eca017", "id": "CVE-2018-12536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12536 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b520d95-225b-5c56-abe5-3a3d8599b880", "id": "CVE-2018-12538", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12538 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fedc54e-1bdf-5c92-9f07-4aaead454b80", "id": "CVE-2018-12545", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-12545 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42727722-f0a4-536d-890e-22bcf0d6d015", "id": "CVE-2019-10241", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10241 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d339ed24-89d3-5881-9c99-75dece350158", "id": "CVE-2019-10246", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-10246 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d769df71-7748-5356-b04b-3f863574d9a1", "id": "CVE-2019-10247", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2019-10247 is fixed in version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85f5fac1-2ab1-52a2-a31a-8f8a5399390d", "id": "CVE-2019-17638", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-17638 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29bb6074-3f33-5f29-af55-78d3ccd6687c", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e69a2fff-5f2c-547a-8c9d-f1d2877a6938", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5562eea3-2c10-5a69-8334-a961dab84066", "id": "CVE-2021-28165", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2021-28165 is fixed in version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:182f7a2e-7c28-5f4f-ad64-cd7ffbf57089", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51f87a32-2cac-5c1b-85ab-3c0cf3352c72", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59b419de-fc80-5ad2-9dfc-fc45c9564b82", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45ca2844-bc00-5c11-9ace-27be2e23fd21", "id": "CVE-2022-2048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2048 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae552f91-b0e9-5357-a4f6-d4f516497a4e", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e970f8fd-3f4e-53fa-bf87-708270baa04a", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1b5ffaa-a534-5503-8ba7-b24cabafceb0", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0ed57d4-575f-591c-8219-7564438cea95", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fd23e93-14c9-5841-8325-8865810dc7db", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a5a1953-62d7-5d98-a7ad-5aa69d050f50", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0103d795-5489-50c5-a365-cf05b5ab99ca", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ea556f3-5d4b-5ba6-9449-0b8ca88a13ec", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2f73398-7f94-5ab0-9e44-e086069ee625", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c797a81-c498-55a8-8134-4c625d5889eb", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8af3f980-9ce0-505c-b565-7a5b22d07ef0", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc95a2eb-5798-5e62-985b-8abfc3483002", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f43db9a-8c33-51e9-9494-6ae43b6b2270", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:483449fd-1043-5127-81ca-b703807263ed", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 7.6.0.v20120127-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@7.6.0.v20120127-tuxcare.1" } ] }