{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:ddc90d2d-291b-5dfb-a94b-f3b4a8d6da26",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4",
      "type": "library",
      "group": "org.eclipse.jetty.websocket",
      "name": "websocket-server",
      "version": "9.4.53.v20231009-tuxcare.4",
      "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:70e89ec6-fa5b-50cc-99e2-7aadf2a6ff29",
      "id": "CVE-2020-25711",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:be9d4f51-6006-5fe6-9edf-48ec784e707f",
      "id": "CVE-2020-27216",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4da34bdf-44df-5abb-8650-2454fbdd6559",
      "id": "CVE-2021-28169",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0aff13f4-be18-55ce-bc5d-bef343c30d7a",
      "id": "CVE-2021-34428",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f763e78c-cb8d-5f58-b323-f98a8df71510",
      "id": "CVE-2023-36478",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1daefe0d-5161-50fe-b7f1-828d756c25bf",
      "id": "CVE-2023-36479",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d3b1b644-915f-5179-b82b-3b6108402c6d",
      "id": "CVE-2023-40167",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:df1e1291-2f80-5686-b13b-a12e1b5bdb3a",
      "id": "CVE-2023-41900",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:59e6991b-ab55-5d05-a9db-450432bbd43c",
      "id": "CVE-2024-13009",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7ac6511a-58fa-5522-a94f-84108d948cb5",
      "id": "CVE-2024-22201",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:71b321c1-0719-5af7-8f3a-10b762e673bd",
      "id": "CVE-2024-6762",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c28388df-6ea0-5662-a8ee-d901808c6599",
      "id": "CVE-2024-6763",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b7b45fa3-2a1d-5974-ae65-0a7b1c0ebdd9",
      "id": "CVE-2024-9823",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d0d6ec01-7dfe-59fb-8209-c0e127113a06",
      "id": "CVE-2025-11143",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:df858f88-eb74-5090-a3cc-9b69caace6af",
      "id": "CVE-2025-1948",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4213e3f7-ae3f-5dca-b816-8ee636c10511",
      "id": "CVE-2025-5115",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:445dc88c-bd8d-5517-9436-1793274260b5",
      "id": "CVE-2026-1605",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d4f6b58f-f10f-55b2-80b4-b2ea58e6d88c",
      "id": "CVE-2026-2332",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b0bed0d2-5060-5b92-93c1-2dccc9b2a9b7",
      "id": "CVE-2026-5795",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a964476d-6e1b-5d6b-b98f-192094ce8c35",
      "id": "GHSA-58qw-p7qm-5rvh",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.53.v20231009-tuxcare.4"
    }
  ]
}