{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7075ec77-f6b9-58ff-ac3b-0d2d42b2c842", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-common", "version": "9.4.53.v20231009-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:71ee4b36-4bdc-5661-8875-b46dd2edbb8f", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5401a59f-2e34-5ec2-b70a-e847c16c22f1", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c67c96af-bc65-5b96-a2f3-2c40b642a5d9", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e49eee4b-db50-5321-a73c-a8ef49005618", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:034bc756-6d56-5cc0-866f-c2e2250ab927", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71c71c23-ccc5-513f-aae7-b852d79c9dea", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f2d4cf0-6d9e-5849-a079-a62ed2d9e2f3", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8adcc3be-313b-500b-a88a-2a0f2cfe3af5", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d4b6226-0342-591a-b5dc-c06ea423d380", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30f947ca-c162-5184-9d62-ecb4f0bb6b7c", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1743aaed-ca98-51b3-b85d-7a4b904a7e50", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82d871f5-2dec-5a08-bdcf-00f4245572c3", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:308a641b-040a-5c66-aebc-7389a13c5e22", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:959d424e-3fdb-5587-9509-fc525eceb534", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0c14414-4ea2-5fbb-aba9-2ce3767765a5", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:491a6b4a-c35d-51bf-a0dd-7e7a3724b91a", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed51db9c-109a-59ce-b24f-4952bec66b0b", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6aada56e-b219-5543-a683-dfc5e5b752d7", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6d2dcf0-3f7b-5a38-8467-9ef1853f3a71", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.1" } ] }