{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5322daad-566e-5907-bb79-d29e349e7391", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-maven-plugin", "version": "9.4.53.v20231009-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b4cc73e7-0bef-5fe5-a3d4-d00ee90d5352", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:768ff211-c1c5-5334-9b15-ce1c99ab1d75", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:850b8099-fab9-558b-8354-c0a7527dbb4d", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e64df983-f4d2-5602-be35-f1b8641f07c6", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4c64cfe-86c4-5980-b6eb-ff80da87f4bb", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9469d769-3e6b-5137-aef2-18e931d81270", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6bb580e-d595-5874-af1c-27add7cfb364", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41996e91-048c-5030-b2c8-20ba4ee61ade", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd2b6bf2-0314-5895-9eaa-3809a328752f", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a4bc62f-d0c7-5a84-8343-29b77ca69b99", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df31e0c7-45cc-5c16-af12-12fe27305e2f", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e11290b-d98f-5890-bd5d-96fc748fd3d5", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9c074ce-a8eb-5072-a603-c8dd6c81007a", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:12355445-a67e-5089-931c-8d2b1302b835", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a139e29-8b5e-5fd6-993a-a800c207d3f4", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:696c95fa-aed0-5645-96a8-1e839f7bb1a6", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94007d95-ff2e-5306-86f2-e4a1f68ad84b", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75755f5e-1ac0-5ce2-bbfb-145529aa0442", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:352067c4-d0b6-592c-9ab4-a838a1ba3f9c", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.53.v20231009-tuxcare.2" } ] }