{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:28f43cd1-307f-5cdf-bbe9-4b5fbb65a433", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-project", "version": "9.4.53.v20231009-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b9264edc-f4b8-5753-ae85-59b39bbccf49", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db2abcab-4d70-589e-a87f-f17c290b0fa3", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3ff2797-7940-54a9-9915-c8aec5389951", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc5391c4-d583-5a08-81d5-07d5a3d33426", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f5654aa-9f9e-56f3-9606-864bc1e7a320", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cd96c5f-2b74-500e-9e59-651ad14e4545", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b7cbea7-de90-57f7-a93d-0c7a2790577c", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0a50db3-51c8-5646-b1e8-1fa33e3d632a", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ce85245-432e-5dcf-a210-dab39bc74b31", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:067a8fd1-9259-5dbe-a606-f9f84a5d8e4a", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a3eaf426-c105-5531-9f55-3f1c356d65fe", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6c54fd9-e066-534d-bcf7-4300d7bc718e", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ebcabf6-c75b-5536-8f4a-369cdb834f5e", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3948bc80-7409-5df4-bbf2-e487678f0a10", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2414cb4-bef9-5b63-a9c9-86a4a4768b28", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b14fa00-dc08-5f19-aadb-2c4a133a8f0b", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1f8bd37-2935-517f-b220-3bd584773045", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70fc073a-f9bf-532f-a8ba-2be2106da225", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1dfdd1a-46ed-5a79-bd10-6378a5094be7", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.1" } ] }