{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:04ee27ef-aa9f-5d0b-adf8-050acb9f78de", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-api", "version": "9.4.53.v20231009-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ff82a756-7799-5479-ae3d-70a4a2aa4552", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9aecfaec-1886-55f6-9703-f62db1a2608e", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:22b1f1f9-2a0f-5904-8c3b-9296a549cee0", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ecfd0fac-8d3c-5777-8fa7-7ed2e0bc190b", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a4c61b0-c482-51c1-93b9-2dc167f7619b", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f92be2b8-2c9c-5805-ade6-8efe8be7900c", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb1657fc-1004-5d0d-93fe-9f5bc8f782c5", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f563ada6-f970-5453-abae-c277eb0547fc", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25b9d78d-78bf-5bb4-9aab-b9b69267fcd7", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:74014587-2cb0-5a6d-b69b-b51ee77ae726", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36a522ff-e3dd-53f5-8d3b-f8381fda4c49", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a4826ebd-55f6-5d2f-8947-37b7c6f059c8", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b106d6b5-8a63-5dbb-8f64-07663bddce61", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:15c82dd1-962b-5b5a-a36a-4ca00bbdd61e", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:527f75fc-3a9b-5988-8035-d17ee6c26e86", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1c90ff7-7b5e-5dce-a1ae-bf66487c2c59", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:61382cc1-a376-592e-894c-e4b80f7101e5", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c916e6e0-2af5-5c49-a58c-d7769a74450e", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f48c2820-1a46-5e4d-8977-6c12a6adc5c4", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.53.v20231009-tuxcare.3" } ] }