{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5328a45d-7733-5a34-a030-509afb7b9521", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-io", "version": "9.4.53.v20231009-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8a3b23b2-b841-571f-9030-dde6a70e0d28", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6bc5d324-2fd8-52ab-be49-1c9d7fe4b0a1", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dfd172ea-fc15-561b-b107-7d09275e8560", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b1620e1-d1d3-574b-b7ff-91fe2311ae7c", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:65eb2690-ed51-566a-a474-bb09eeee216f", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6cb70283-46ef-5e15-9d4a-3d78744f1b48", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ed6d5b0-1227-578f-99b8-fe64609f7623", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dabf6ee4-0306-5af6-ac65-7dda1000e230", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4a5249e-e55a-5337-8d41-68b4c1fec6d5", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c33a31fc-f73d-54d0-abce-a26be0d9e421", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:13ae2ac0-535f-5505-a4a8-3179a14833a2", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a2ecf8cc-b326-5c8a-ae99-42c611012199", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6742fe14-44be-5ef0-afe3-d3e4ca12bb55", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:03cdf77f-fc55-56a9-b226-b10c71c7352b", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2260882-8d77-58ed-9516-9e374af73ec2", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9c735032-3867-5926-b974-e9207450aa6b", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1389d64d-7576-5129-a409-c310a0f7d422", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ad3f194-659d-5cff-b93f-525fdcc00687", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:70d57fac-9082-5656-891c-99e7a7943782", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.53.v20231009-tuxcare.3" } ] }