{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c5b53637-6036-5371-befd-a55605dd2e4c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-boot-jsp", "version": "9.4.53.v20231009-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c8e2a028-042e-5f2e-b7d7-9933b4b48546", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a517b3ba-83b0-5bc9-be73-7c57353e5d35", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:325aa418-c7a5-59ce-ac8a-52dd5ff5c8ec", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c56ce318-3d91-5137-91c9-5e2dc3ee042d", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dba93230-3718-52b2-83aa-eaa262d38c62", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ffb3176d-c0ee-52e2-9199-55b5c7ea35ec", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1014052f-2edc-5ec1-b80d-a83766457b90", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:054a03e2-bd06-5721-9f21-ecca5cdf622c", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b525d9a-4c1f-56e9-b584-82d859229468", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90eeb652-fa8f-5b2f-a395-45cb122b6f09", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:766dc495-0516-5b9a-aec4-6483248df016", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f09c4f93-f9dd-536a-a3cd-5fa0d71da42b", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27ccd191-9171-592c-8af6-a376f45a83dd", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c63e2cf4-8403-5def-b55d-6f1eb3077c82", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36e44dfe-3812-5e90-8bb4-23fc9622a99b", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d29d7404-42a1-5461-bb09-927a1581be28", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f2a98ad-4c42-568b-b2f8-0629338a4b84", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad4fa07e-7b19-5603-83f9-e33ff09e4810", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b32ab19-da6b-55d9-99e0-8273b1996194", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.2" } ] }