{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dcc7bc0f-e3ef-5d2f-b8d2-9301a47781ea", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-boot-warurl", "version": "9.4.53.v20231009-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:40de3d2f-7a96-59f2-b92c-1b9e878c58fb", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1a693b8-c84f-5b64-ab0b-79eb5aabc2eb", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a334f276-0245-5bea-84a0-d05f661083fb", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a379ee3b-e0e7-5e69-8150-124ae7fcad8d", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4590d8a3-4bc4-5ee1-8fd2-5b9678949079", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3afb1625-3e3f-5a27-8ad9-de3a2a2402f1", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5f06d47-5205-5e37-86cb-80c7e0a97c62", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9c35b1a-4d2e-56f4-b5be-562b02e076f8", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2997f1f1-3c60-557d-86ac-34f91edec12e", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:746a7411-c598-52a1-b03f-17201956c378", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:734a0931-4a68-538b-8f68-0f92c292fa60", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61ac7cec-9430-5599-9d33-6e1b1c356757", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3262dbb2-5011-5020-bfea-a6e0c6b4ef20", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98e573a7-1cc0-5cf0-8f6c-18e3b2bf71bc", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:863c2ee2-9564-5b23-a821-1b7dad034021", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:686c7217-03d1-56a9-a352-ae0a1ab9be17", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:278dd28c-fd3f-5182-9cf1-90418b894a4c", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:81880a38-3471-5ae9-971d-29a34220edbc", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9384436d-adda-56c1-988f-eaf5e01626c0", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.53.v20231009-tuxcare.1" } ] }