{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f5ab214d-531b-5ac7-88e5-7923690a8b65", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-api", "version": "9.4.53.v20231009-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:806ac54c-281a-5510-b0b3-ff6168854cef", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3ee3c24-2bba-5889-9457-480a3b676c80", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:194bbaf4-20bf-5c9f-ae00-06ad50fe134f", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b7139b8-b338-5d0c-91eb-be0de01d1890", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e55df53f-2802-5831-826b-427a6ae522e7", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2e66da4-12d9-513e-8e19-9d23d7535f74", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3ed9cbb-991f-5304-acef-f55b25a45bcc", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f8087ba-03b9-5e20-ae3d-8a0b60c8621b", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80af04dc-93bb-5d91-92ce-587c1f53d9ac", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d43c7322-589b-5011-8660-f6d65b08cbbe", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83bb2143-c81e-5fbc-814b-eeb9f94dba3b", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d803678a-6d8d-5bf6-85cb-17f49daae28d", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55eae033-df67-5133-b3ec-2c8932061ebd", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c32f089e-8c47-5fb5-9ba7-19e6e5fad50e", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:702c651f-aeaa-5921-b593-85237f1784f4", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a603cb0c-9814-5541-9339-58b154350a16", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:380c39e7-4753-506b-bdf2-ea8415adbe8e", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59d4f31e-87e0-58f0-823a-f84536ec1dc6", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:089e4027-b97d-56d8-9f73-e10585731a2a", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.2" } ] }