{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8ba6bce0-2319-5433-a29b-b008d9a253df", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-cdi", "version": "9.4.53.v20231009-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:80df53dd-6544-5a3b-907b-7349b3eb8f04", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f82b29b5-7cad-522e-bcb5-eb3c44afac81", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:835913ec-8c48-5401-aad2-7d75bffcf74e", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a72b179e-056a-5a7b-9a9e-6946bbe13177", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:44e4a8be-d138-5ed0-b96b-0d156cbbdcb4", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cea00334-da9a-5aa8-9cba-53497e6128d2", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fcf6a4e3-3b3c-59c2-9169-041cbff854d9", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b49e61a-38e3-5541-bdff-c3ebe3e53298", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c718f8c-86f8-5a64-9100-539dd9d13f71", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85747dfa-42d3-5ea3-8de2-64ae889cba3a", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd5e9d9e-d7fb-5f3d-aa3e-7ad3da4f3a1d", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa4b3ffa-70c9-5659-92fa-5b085228831a", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96d530e9-29e0-5745-a2f3-abde5802824e", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a386df7a-26e2-5af2-8ac4-7750250817bb", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50c23329-cfe2-520f-ab56-547e917c82c7", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0e61d1f-ba16-521d-ae49-75eb0a4bf9af", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f1a6ad6-9c8b-59a9-a1e1-7d9f29bbd35b", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a8706f1-43af-5c82-a8e8-5561f54f5ffb", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a51e9ce-4924-5704-8c26-cb6639394818", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.1" } ] }