{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:607b0a8e-56b9-5203-83e4-76add0f94c74", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.aggregate", "name": "jetty-all", "version": "9.4.53.v20231009-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2439ddd4-2a29-5a73-8402-34ff16c607d2", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b2f4c2d-523c-54e6-8866-7ea4a6f46cd3", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94672715-f573-5769-b000-cfe47db283bc", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:143de8ef-3bd9-5a45-877d-544e8c46c09f", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:495ba322-b9ac-538d-9a15-aa375db93e7d", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74f49e9e-ab48-56fd-bf89-17374507a7be", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0bde5e5-fbd2-548f-951d-9cbc55d2a5ee", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31e524ff-55c0-5779-832f-20081ebcf874", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53b8cdfe-c9d9-5011-8183-91e34bb29e60", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2820288-594e-5bf7-9608-5a0b0fb08d43", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d02027b8-950c-5e0a-b347-efec6dc89f93", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:474420d7-c7a4-522c-9e3b-28c23a6bb30e", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9def4a1-a98e-5e2c-96c5-de647a691eb1", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a155ab28-ed90-5b81-aeb7-4fbde789f511", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8081e623-9d1d-5c8d-af6b-c69d91f23e62", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3861bb3f-3a19-56a3-bd45-60b1681df919", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc0acb22-5870-5866-a9a3-4e669ed17357", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3ebd9b8-2098-56c7-8f2b-3b007648927c", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1f5a08be-42bb-50b5-834b-fc2af6f8fef4", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.2" } ] }