{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:c11afb2b-28eb-5a73-950b-b5273954616f",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4",
      "type": "library",
      "group": "org.eclipse.jetty.websocket",
      "name": "websocket-servlet",
      "version": "9.4.53.v20231009-tuxcare.4",
      "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:5ad1c3d3-c81e-5fa8-af93-8f2ed5cc88b7",
      "id": "CVE-2020-25711",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b4b2373e-7105-5bbc-baff-363c7b779aef",
      "id": "CVE-2020-27216",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:42a80533-e933-5e70-b1ca-dd2d2ff017a2",
      "id": "CVE-2021-28169",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:27ccf7cd-102d-5ae0-8390-b22421d373b1",
      "id": "CVE-2021-34428",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9d2975cb-9f50-5aec-8cf7-ef3453dd64a4",
      "id": "CVE-2023-36478",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ea8a81ff-0c55-52b9-a155-6ac0c62268a8",
      "id": "CVE-2023-36479",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bac71750-94e2-52ef-83a8-8220e2a7a39a",
      "id": "CVE-2023-40167",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e71075d6-d5d0-5f26-9861-ff7f2c927b40",
      "id": "CVE-2023-41900",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7ba3a96d-53c2-5e66-834e-9ac773825dbc",
      "id": "CVE-2024-13009",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5236f371-25cd-54d9-9bc5-06fe18e4ca8e",
      "id": "CVE-2024-22201",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:acb67625-fad5-5761-a9bf-2e16878a76e2",
      "id": "CVE-2024-6762",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d51e16ca-5aa0-51e2-8717-f16f28df0127",
      "id": "CVE-2024-6763",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ed4f51fe-e9ea-50d8-8129-76ef5ec9474f",
      "id": "CVE-2024-9823",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6d9f7f32-d7fa-56af-a96d-02f872b5feef",
      "id": "CVE-2025-11143",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:09ec9a08-3e83-5f15-ac09-765f49adcd48",
      "id": "CVE-2025-1948",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:b8643814-0a34-5975-afc1-69e19365b80b",
      "id": "CVE-2025-5115",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:eba0aa07-5805-5944-b899-9f594e7a62a5",
      "id": "CVE-2026-1605",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6636f1a3-2aae-551c-8c20-e6c1f1c24db8",
      "id": "CVE-2026-2332",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a4c9d240-e496-5857-85ff-df944665d122",
      "id": "CVE-2026-5795",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7060ce2a-7abf-57d8-8042-ae3a799a73ac",
      "id": "GHSA-58qw-p7qm-5rvh",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.websocket:websocket-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.53.v20231009-tuxcare.4"
    }
  ]
}