{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c6f03078-f3b3-5d1e-b582-b49095411093", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.memcached", "name": "memcached-parent", "version": "9.4.57.v20241219-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3635f2a0-4a96-5e4e-846b-05f89f1eec28", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:097a301f-37e6-5431-97f0-83127c748ca2", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3ad36e2-aa3b-514f-b04c-34ebec2a27eb", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4def1f61-b159-559d-87bd-14a227da3206", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b0376a0-4888-551d-9abf-0748e3dbf1dd", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97c16566-f6ec-5e2b-abe8-def8ab61b2a1", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c1c99c1-5497-5260-a99d-cb3db05229fa", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c61a838b-c60b-5797-a58f-795085a49e83", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd09e510-3985-53e0-acbe-1032301eaddb", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c8924fc-e684-5b3a-81af-03c16130292e", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9fce0b9e-4ca4-51e6-8946-acfc417bf809", "id": "CVE-2024-6763", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-6763 does not affect version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent. fix for CVE for this version has been already backported by the original developers, so this brunch is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b601966a-357d-52ae-a648-fa459009b1e7", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0b2fde5-a087-5769-a8c7-c85859946576", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1dffd11e-f7a5-52d7-85a8-0fe421a769d0", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab0e0b1f-0151-5817-b1d6-d327fc35a56d", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8b623fa-579d-526d-9500-b3ddd2f539ea", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78c7dfbe-673e-5f81-9f00-056f4b42df73", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3f06666-b306-557b-a035-fc58ef544f09", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.memcached:memcached-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.memcached/memcached-parent@9.4.57.v20241219-tuxcare.2" } ] }