{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ce48df8b-cadf-5fd1-9f04-c9a90ab55300", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-api", "version": "9.4.53.v20231009-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d502e8af-8616-5413-a6e7-d6127b7f4d29", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:404bf491-2a4f-5f62-96e5-4371233bb116", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79e49105-ea07-57ce-b3f1-cabe99569731", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b21b3af-1c8c-5114-b0f2-0d3e3a680f91", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46aa6c26-978d-5dc1-bc89-a031abf11212", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fac3be11-4762-54cf-a700-94206e9e12f6", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5f4c21b-3bb8-5a0a-9dbc-0da10a56a3c7", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52650004-426a-5d8f-b8bb-a875173bda3d", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a31aa737-0f4c-5226-a94f-8c93d84d8295", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bced3627-04ac-566b-9baa-5d33a8216812", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:47942e43-e891-5b70-a24b-5c8e892c6f2d", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f461cb8-618e-5c96-92d5-bd3f6d3de671", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:840b969d-f7a2-5228-b79b-a7368817d882", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:13f5fed9-a277-576a-9d10-c1ee75067a1b", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34eed26a-f513-52d2-84b3-542520967dad", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:056bd914-dc8b-50c9-ae21-e5e358373bbb", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d9a557dc-bf71-50f3-aa93-6f0259c19905", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a3c2145-58ab-5a97-bec4-58f1f9bf840b", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a769023d-9676-5ea0-8510-3765d6645e9d", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.1" } ] }