{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f1fe1b66-97ea-5ce6-8cfc-b8e099e58012", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-jaas", "version": "9.4.53.v20231009-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b53e51d1-17ca-5b95-b0c6-fb1cb77302a0", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d597c8b-dd7d-56d1-aa48-f432cf15f0c2", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0a3abaa-723d-554b-80d0-173240b1c8f2", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fcf180ea-5a69-5494-8e67-8128e789bf4c", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec028d20-a7d1-5546-affe-a969e9176722", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cfc1bd4b-8f49-5bb6-b233-b75948123161", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd045f23-9844-578e-8d6b-463e26c50209", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab025af5-162f-5638-a2cd-6606e762c028", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b41bb65b-e1f6-556e-935b-27eebe2639fd", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db6313f7-3d19-5dd6-8beb-5b6fad566978", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3d1c994-f59a-5463-bfe5-7613c81b704d", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:865d190e-2a5e-5890-8222-f55a026b0821", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b01bfff-d9e0-5be5-8bce-31894ffdc4e6", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7c55f29-17f4-572c-b3db-febf31a57c26", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a42fea92-1de5-5df7-92e7-2b7102820473", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75f6e54b-7d01-5014-a3d5-feaa14e0de3f", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9cf90c3e-3a73-5efe-b8b0-6a83954989dd", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65b17072-ae39-5914-b70e-4ffea0774d86", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf6dac3f-8230-539a-9e64-8d4c83680b64", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.1" } ] }