{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f7359650-a1a2-552a-bb7c-0677739cfa51", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-common", "version": "9.4.53.v20231009-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9d012bc8-9003-5a53-a9c7-778d9a0fe207", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:974d86e3-a75f-502c-b335-93cc5373f601", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd7f3c01-81c3-5a25-9004-b76633c37c37", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad20004f-35a7-503f-a789-132ecaafdaec", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:739b0938-b9d9-522d-8a11-d2455b1a1661", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a375f5a-dc91-5f58-befb-6d94c063e92a", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8ef6150-4937-5564-857d-3787b4e20219", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:deb89b22-bde1-56dc-96a6-45184e901046", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4c5962d-9de4-55e3-9544-490845521a96", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:542e0eba-4ebf-5dca-aac7-a0e320824edd", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dbc56410-7128-523d-ab47-b06fb3fb0e66", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:50b326fc-0bfe-517a-8e82-fbb1db41612f", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ca41f1c-f736-5aae-b51b-598d8381540e", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7fb008a4-3d9a-5ad0-b8ff-22d1a4f82bfc", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c493013e-2ae7-5c42-a1f8-e6645d35df6a", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52272991-fc56-5181-ba89-de6ad5c8d80b", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d654c97-a27d-54e4-8fc8-1e9d7ad1e0a4", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbca3222-5014-5d7a-ae81-329d49e31130", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fefacfd2-a732-5281-8d1c-83b208fbcb0c", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.53.v20231009-tuxcare.2" } ] }