{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7cadd836-45f9-596f-808b-ad60b6be07c3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-client", "version": "9.4.53.v20231009-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7ddaa046-12bc-5072-a663-8099ac1b82b1", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b7a4249e-bcce-50be-a8bc-408e0eb58947", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba733711-f292-570e-9a65-161cca7d94e9", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:549b0459-257c-5282-bac3-75e789135ea5", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:43a9ab82-554c-5d43-9169-d156d8fceca0", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:92d11a97-986e-5b61-94a5-942ffcb962ae", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2efdbc38-c1c1-5c98-8252-b81c18daeaa3", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f9ca1706-cef0-5761-8e3e-e41a9d07339c", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:523d4ad3-7818-5667-835a-af7466da2b21", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d961fee8-e58e-5ce4-968f-ee569b6e1262", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f028a657-b998-5d5b-ae07-53c7e7e8aac7", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b7576586-6ada-5078-a0d7-6e6c04c70d85", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56c56e2b-7b68-551f-a098-507189c4ed9f", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fa9539ea-db70-50ef-a031-87d5d165ef07", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac88ec6c-cd1c-5089-9bdb-725aef6067b1", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3ab16b50-f150-5541-a0e9-ce7c23e9161c", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fc9d24e5-184f-5c84-8f91-63c3ca2e00ae", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09cb6dfc-dd1d-54ac-bf4b-168d604a70e0", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cb6afd39-e056-5a8b-a4c4-8aefbac5972f", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-client@9.4.53.v20231009-tuxcare.3" } ] }