{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4e75adcd-2de3-5af5-8984-4bd12c0421b6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-io", "version": "9.4.53.v20231009-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dda74b97-7eab-5802-a69f-c6a5827a5c7d", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34fae3fb-0f5c-5a71-8a6e-5aa3f391b82d", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e0b75f0-6f18-5e2f-9824-91a7c1074216", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77631ce4-85d7-59be-8652-4c694e6a4549", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59fb34cf-7237-55fe-a2b6-a6765ec51e56", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:219003d3-5ebf-5950-bc59-da7be63d0b40", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:410ea779-2522-5e88-a7d4-aca1d88ea24b", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a8f46d8-fbde-524e-b741-4640b8dbc3dc", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:196a0cca-5600-5fb4-805c-f70c3c406f02", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed6daf0c-d17a-552f-ad01-0886870f6ae7", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4353d0b7-e363-5f7e-8324-2c363e846903", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd472a9b-b549-5fa0-803b-69ff3dd1df1f", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f349cb3-7fc1-55b9-bf1e-f2cc63fac6df", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d380ccb4-fe48-5951-bd57-500142f9e367", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2e7eeb0-0c24-5342-a2d9-eb0d516bfde5", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f558f49-2c2a-5686-bbe4-0334ed1be053", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7416e5fa-f1d8-5785-9bc0-101535712fa0", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:48d159bd-2f27-579d-8278-ec9577679cb6", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a60603dc-4819-5ae9-b269-204328f2320c", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.1" } ] }