{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bf2d644f-a509-5314-b62a-bd29811d34d7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3", "type": "library", "group": "org.eclipse.jetty.aggregate", "name": "jetty-all", "version": "9.4.53.v20231009-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d2ba43ad-f7d0-5fb0-9775-8a95e40cbbad", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e74ceb6b-2d65-57eb-8371-ee348249c5e9", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eae5b514-73ce-5279-a56d-e8ca2e7d1bf0", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7f11fc87-f88c-5f9d-9a21-f7326bacf21e", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cd467bc0-aaec-58b5-a5fa-cc247c33e887", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11814ae2-ef06-5fd3-8f09-ba6dcd2c01b6", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34848bf5-1fba-54bc-93f8-b0490f37183c", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb66672f-48ce-54d2-af93-29d9efcb4c3d", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:06c6abbc-755e-57cb-9ecf-132c49d8617b", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:feda4b92-9788-53d6-a593-90f3a102def2", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b0bb2b9-b4bf-55b7-a3e4-24a3f22ef041", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e729c6e4-4908-5b6a-8a8b-bdb2fd535f01", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10d8b0f9-a402-5024-895e-dace4a2909eb", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:12030a17-085a-55ee-802f-78bb7455d720", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9fdfef27-dd65-519d-bd06-a76bdfd5009d", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e675b30d-e333-5ce8-b818-31742f469d6a", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:42eb331b-4eb2-59ba-815d-8c569d68a3cc", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1712d2a1-ac19-565b-976a-127d77e667df", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7882acc8-d3a8-5069-a36f-a80df5edff6b", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.53.v20231009-tuxcare.3" } ] }