{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fae75cc4-db57-5a54-8323-6aa2ebfb28ae", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "apache-jstl", "version": "9.4.53.v20231009-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c9b026ec-8b09-5596-81c3-f7f85c29ad16", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:596b3b2f-e9da-5133-8ae3-fcb5d7bf07b5", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0d5a63e6-1da2-54b9-b9ea-ed85ffccb91d", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2cd425a-c7b7-5e0e-91a8-ada78a0256f4", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff597826-e1a4-59eb-aef2-d501d9c1dd60", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0757ca1b-1469-5529-a472-8da3e084df3d", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b37ca44-3df0-54d0-980d-354b3f169879", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:408417dd-ee61-54fb-b319-3f801ac1b85e", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:45be9f82-38e0-5819-88a6-9483e474abba", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:95363557-ff6e-5081-85b9-8dbc76f7642b", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ad1c7149-a4f4-51c1-85db-8f3462f6a38d", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8a682f4c-10fe-5bba-8374-7b7e2fc94ba6", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:595248c7-6788-5863-9d09-4bd0d041b9a8", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dba8bbe6-84a9-5ef2-a32e-47083928f24a", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75f797bd-f273-5a38-8cfc-ee3bc6071fa7", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:637d8557-c33b-506d-9c2e-16f954bb0ce1", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ef9c4a07-f925-52cd-8456-3ec01bc77951", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3169075a-9343-5052-a13f-35ca101ef24f", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:725a352c-fc94-5df5-974b-bef2c6d3667e", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:apache-jstl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/apache-jstl@9.4.53.v20231009-tuxcare.3" } ] }