{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b7642027-917e-5e4b-b4df-456d77976d75", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "jetty-websocket-tests", "version": "9.4.57.v20241219-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3722f07b-c6e5-5db0-a279-9b6de71bc15f", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3187eaf3-d2ec-5a4a-8bf5-34b77c803d2d", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9707a8bb-3ee8-561b-853d-5cc2d3ff6ac7", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51532dda-1372-564c-8fb2-0d181ea87c8a", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7fc8927e-d63a-5e51-9554-c5e0a8a0165b", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c53527b-7da6-5b9e-ad98-34066a604f91", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61dd35ec-e0cc-5a36-a95a-c5e11a70381a", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78582afc-5a6d-55bd-90a1-26c59577e300", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:353add14-a79f-5698-8365-d7fcb41638d6", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7704191d-19bc-52de-8857-62a5ffdc2d54", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a3db8bc-031e-550c-a0fe-3e5265ee9a01", "id": "CVE-2024-6763", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-6763 does not affect version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests. fix for CVE for this version has been already backported by the original developers, so this brunch is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0dd7051c-233e-53c4-bca0-733747bdd650", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35570a58-4f11-557b-8203-248a3f082689", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67f531c7-7202-59f3-ade1-55ca0bb906e6", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5549b2e1-f464-524c-8ddb-72668072d0dd", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f397c1e1-78a9-559f-9d0d-d36831779bf3", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:255e7c11-3729-55ca-8406-5b6b5650d19d", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cfd59c5-79b4-55fc-9795-fc9601466e26", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.57.v20241219-tuxcare.1" } ] }