{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f3a33099-c160-52f7-af96-b3fb53d6beea", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-parent", "version": "9.4.53.v20231009-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c05483d8-7282-5b33-aa42-e400936b586a", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54836afb-ab97-5330-aaf0-7d5d57e856b3", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2885b750-e627-56bf-8a0a-c38f6eb72ad4", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:07b94461-a856-59a3-a1f0-ca4239865875", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7cb728c7-c1d7-59d9-b317-eddc05304e59", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:05904e3f-f765-50de-8e0c-33fe1abda45b", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:239c2cf7-78ee-57e7-adf0-7f46958e2685", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c9fcbea-6283-5530-9a8e-d4dae02d7e01", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1ad410f1-e9e1-5768-bbdd-117cbf82b3f6", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3fef214-1984-5796-b3a3-1411af058e8d", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:93075842-eda1-5aec-a087-8f6d4f7294db", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb39d1b2-87ed-5e4f-a7aa-36193e30582d", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8d2a518-2567-5325-9f96-6c7f113db256", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:94a976ce-8d4f-53b9-b795-7319ff9d3bc5", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5f57743c-bbad-51bf-8938-df8f8c8381ae", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af2bed41-92de-58b4-a9a5-aa5344f0d6cf", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f95cd8c-949c-5dce-8ac4-8b72ccd1573d", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1d74e27-3b5b-531f-bf68-7ae54793c790", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:47ddd71b-d11e-51d9-a9ca-f0f223c92705", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.53.v20231009-tuxcare.3" } ] }