{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a43ed1f9-b2c8-53e3-9de4-009ce02d3109", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-distribution", "version": "9.4.53.v20231009-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b5c24409-543e-5d93-9b49-5534a6760fef", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4f6ef07-55a9-56a4-9c9a-8fabc3dd29b8", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1ac685b9-f585-52e6-b20a-3b5a877ea774", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1001b217-a1b8-5e40-97a7-b704486aa51b", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dfe750f8-9baa-5bd4-8980-ef34d268315e", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aef359dd-1fe5-5707-91ad-94c65073b78e", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd5f875a-571e-5407-9ca8-a507bc43de1e", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eca90b00-5c95-5d72-a27a-dc44fc649da4", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4e479239-635b-5e9c-9c75-e594233e5dd9", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d13a0f14-9b06-5a89-b867-e46f0e6ecc5b", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:be11c9f7-5571-5c50-a8da-0bfebbd61bd1", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a547f91f-0f90-5676-b06b-d946420a61c9", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ca719c93-8fcf-528c-9e9c-273a00199cff", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:58da06e9-5978-52f9-9233-7f4fe570d984", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9bbf480b-6893-56f2-8259-0e2b1c10294f", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ffd0c6af-3585-5dde-a8f6-273f0f9357de", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f2f733c4-3250-540d-bf99-3ffb0dad0e8a", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b843b246-a2b8-53f5-91d6-6a7dea8e0ad6", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cff7d1ff-6c16-5bcc-9815-20360af2b78e", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.53.v20231009-tuxcare.3" } ] }