{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fc84276f-4950-5dde-a33c-33eb4bf61789", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "apache-jsp", "version": "9.4.53.v20231009-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:08dafac6-ef9c-5cd5-bca0-b793883ce932", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64c0f0aa-e5fa-58c7-a234-70a1468318b5", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a9ca7ab-bf5d-5aee-883f-387cb73918dc", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af374e88-50b6-52d3-a583-ec10678baa54", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2d5c985-56c6-5950-bb90-5ef896749ef2", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2628b996-e188-5bd9-a92e-a1e5ce0127a1", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:289a784b-c47d-5833-9e10-b1d0b7283668", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:556caad8-0c30-50bb-88fd-3ee669749fe1", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:570bfb00-8d3a-5fe4-a4dc-3f871d6d6029", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d52a4b68-6c8c-59ed-bea0-9a3bb358fa5d", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3efb4ab-98cf-588a-b2ac-16456364a32d", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7fa4c1a-2268-569b-99c1-47713bcd68ad", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ffcfc00d-5e64-537e-a077-87698467ded7", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:61a33d9f-9e95-5fdd-a1b3-c862d3a67c38", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3472ba1-5005-5ed6-8509-91357a0e413c", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97443bb4-2fbb-58f7-85b1-c39d87f85428", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80d0e47a-93b9-59c6-9309-7d9ffd9996b7", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77791a24-98a0-5137-8360-f11ca5d99bf9", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0221905f-1f6e-5d70-b786-fd294d05fe91", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.2" } ] }