{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:34d6dae0-956d-5842-954f-4fc39b2f599b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-jaas", "version": "9.4.53.v20231009-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:647d6468-051f-5009-abe7-cbdf17614dd3", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:088077f1-c829-5d43-80d8-928dfa41d5c5", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3fcb5db-c514-59ca-846a-4f8cb343ffa0", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25152290-a098-5640-939b-50b585149236", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9473106-cfaa-55ff-b467-6fec47a79e81", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b9d241b-37ad-5ff2-bd43-50f5d1fdebd2", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae245347-a9de-5f21-b9f6-c60ae9355fd6", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4966913a-a33a-5632-8dc9-6ff210a7a44f", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b17db87-c707-5c33-a72d-cb17a34ae415", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd58e01b-8bc7-5d07-a38e-381955bb87e5", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:433dfc12-da0c-566e-ae9b-1c28c4b8785b", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b58b5af6-3891-510f-ae8f-ef67a185e48a", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f0ba15a-bdf5-5281-b68e-cf2eb58b99fc", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4dcd30e3-93fe-5894-837b-b379afb60ac8", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9bb62805-8834-5b44-b72f-039889c12983", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e52deb3-026a-5e27-b61d-59aac3e9683b", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8d20934-c698-58cd-982f-dd68c48a0309", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91568771-3a93-5373-919e-a4ea878bda63", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:085ff46d-fe6a-5473-a14c-c02cd7b82ba6", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.2" } ] }