{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:67290b6c-be56-5aa0-8025-a2ccd04ff561", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "apache-jsp", "version": "9.4.53.v20231009-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f5d237b2-41fc-5de0-9dd4-f1177fa2f873", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1555ce36-2068-569d-8456-a4f8a4dee307", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d06d2f1b-5ee9-5cdf-9246-24fef0d93b28", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b39d92b3-55bc-54c3-a2e8-3930158fbf95", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6c8f4c7a-1e03-579b-bd25-3e7a225118e9", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6c53dab4-7709-5d6b-a0bc-22eedc50cf6a", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f49899a8-26fc-5310-8d6e-6bc27289e2bf", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4dbc9d2e-b4e2-5215-a960-c8229dab1ac3", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10da7359-d086-5fe7-88d1-f464bfe1940b", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:346ff678-910d-5e3a-b47d-ec1ea750f903", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:011064db-34a8-5be0-bb94-405949006999", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b86b8c19-9606-5366-a7c5-60ac080bb72b", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:df048bab-f59d-518c-8350-de98398e4c4f", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34ec12a7-c746-57b3-a075-fb8fc361996d", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:904812a3-0ec5-52c8-b85f-fd2a7ece11a4", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:91612c07-d98c-5f17-a5aa-5f781849856b", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:134b34dd-84df-5dcd-8efb-26b18dd4ce2f", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2a48b045-c4c3-5adc-80ed-d06ee3b8038d", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ca4d3249-b9f8-58cc-b8e2-364a41819d75", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jsp@9.4.53.v20231009-tuxcare.3" } ] }