{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7dd36430-4e0c-5cfe-a30e-767c02a3bc19", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-cdi", "version": "9.4.53.v20231009-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1b887bd5-a4a9-5aa4-af56-46711fef6b9b", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3373b65e-0a2f-598c-9407-9ee9a30e1ae1", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b95d06c1-86ca-5645-b785-26044d69c821", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6bbc844e-fb9c-540d-9665-34b69d2f8b05", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74c661a1-e16c-5c22-bf4d-aa761ea73fa2", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2f604d4-0b5e-5cc1-9d5f-146962dbb485", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c720657f-f7c9-5265-818c-17801199f1f3", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:86a0d21b-21af-5ef3-a824-41cfcf345abb", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aab6bdb3-98a8-5fca-aab2-37513039c1bf", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc8c7e19-b7cf-5943-b786-e0f145516b10", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a92c042a-3bc2-54f8-acdf-d36b9f8e36d9", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd43c3d0-9ca5-529e-8473-59eefc8e77ca", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba4b306d-7ec7-55df-9f4f-2ec5801b592e", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4488c25-5171-5e93-ab77-ddee8601e14c", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:caaa15f2-9cad-5599-a959-79cdd2400068", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e51c0b56-d2a3-54e8-8f55-018cb88666ba", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2f1f3f8-7237-5014-b30f-732b32a97acc", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a519f35c-3d8f-5b94-a422-3687de59239f", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc57e35b-cd8a-51dd-b9d0-7f854758ea84", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.2" } ] }