{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b223a49c-3e9d-5e6d-a1e4-11764900fce9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-jmx", "version": "9.4.53.v20231009-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d9c48e1a-ea89-52be-8549-9bf7cc641ff1", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:964a4453-6e27-57e9-be3c-8525b6b4c4a4", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88b18ac0-55f6-5bdd-91a9-a9af45440206", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e3ccda4-e406-5920-99ce-514521318a4e", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f7efedf-9790-555f-8775-f44cb7472e3a", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4cc867d6-cd97-578c-96a5-5839af0d102c", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93942aeb-fdf0-539d-b976-6cf519c4f1af", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d80cb049-c6b1-5144-9bfb-db742dcc4b68", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cb85bc8-1ed1-5889-8e42-985937b79091", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:668b79ad-ddc0-50de-8e18-a540ed975fd0", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72035100-aebe-5be8-91fa-885a1250898f", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:608a6c40-3477-5ac9-8697-1235a5adbbd2", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:544ef17f-4f63-536e-8c10-1ec89d02e562", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55e72843-9719-5c8a-8d44-00384816587c", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b1ae044-b0c1-5ca4-a12b-95f1c6bf2c6f", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa5d1d21-7fe6-55b4-b1e8-6a3a6de4d9c6", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2bfffe5-f706-5731-b154-c7b85d153524", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6ecf072-901f-56dc-9c66-97cbb6edb219", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:add7b195-49b9-5b54-a0fb-9d8df3d199bd", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-jmx." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jmx@9.4.53.v20231009-tuxcare.1" } ] }