{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fe13a7f1-1963-57b2-97ff-fa7c4339051f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-plus", "version": "9.4.53.v20231009-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f389804b-741c-59e3-9903-b85e0a789969", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47f501e5-5982-50c3-81ee-a3d0342c4e74", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:813da48a-47dc-580d-9914-899ce054268f", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c98466e-6a01-5e43-b1d1-83e91ee920c5", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d4d9d589-6b12-50af-b5c6-4656eb6d2e9b", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07505209-8948-5724-8532-b6cb5b7741b8", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64d90886-9c8f-53f0-8e5e-f1420a1b9146", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8923a1cb-d468-50ba-994f-c3b6c26e2f99", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cba5d2c7-3511-53c9-9d91-187b892b02aa", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c8ede6f-b5f1-50db-abb4-4d97e9443bf8", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53397a28-02ea-5bfe-8e92-fd596f5247ad", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bcfc3519-b34b-5cf5-92da-8c1977be2216", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e63b73e-5272-5d6b-9888-ba7f14502fd4", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc96b640-f52b-549f-b152-6bb97e2e4cfa", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4379213e-8e6c-56b0-afe7-79ab04a54044", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84d4a1b3-8b6a-5374-90f3-baff4dd743f2", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:beca44dd-2819-5d89-bd9b-93c1a7527918", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40f3cd4a-89b2-5b9a-a4f1-77fa0eb30cc6", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f071c68-a4e6-586c-8bf4-373424238c3a", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.53.v20231009-tuxcare.2" } ] }