{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d2b8a130-da6f-53e3-8d65-3db8570a8476", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-project", "version": "9.4.53.v20231009-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:171d4c14-7413-5bb4-9448-3749c4457c7b", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba189496-f4f2-5250-8263-15bc558ea280", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07212cde-3d2e-5061-bfcc-9913d9b22fb9", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b13bc4b4-589b-5fb7-9eaf-b18e30ce649e", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4a8ea29-9513-54d5-89b5-c7aed19c9d65", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e99e24b-b419-5b37-bb08-c3cec16fbd85", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb305f15-3527-5079-af27-47af2fa886c8", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0982db0e-c2f0-51d2-b6b8-3e4ce8a11171", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8562c4c3-abd6-5f17-b40a-106fcb702e20", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2340e58c-deab-547f-8f2a-42f38e5eb0e9", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69148ef1-a464-5e59-8486-472b352d5250", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa9dbe1d-60eb-52d6-a4e8-26780457eb2d", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5afddba-dcaf-59b1-92ea-ce2654ce2d82", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9193c9d7-b240-53e7-8711-b8d2c0dd011e", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cded5022-057a-5be6-8c24-e635bb505029", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b748628-33a8-5ac0-b1b6-cbf474b9c997", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5043386f-b518-5550-8daf-aafcbdd94c86", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d0e37aa9-d3a8-55e4-aa73-7cb81e0da29e", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27244dd2-376b-5ac9-a27c-02570301a90b", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.53.v20231009-tuxcare.2" } ] }