{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6da5b1fd-7d05-588b-ae8b-881efc0281a4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-server", "version": "9.4.53.v20231009-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f8ea5505-b5bf-5f75-8a2d-08fc938eebc6", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c423cffd-3981-57dd-ba19-548e706da006", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a38eeb6d-534c-593b-a15f-24e066934994", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:61f19fc7-102b-514d-a868-4f7b1d04dda7", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49e7902d-5ac8-5742-a5b5-e5c954933360", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e61e93cd-17a6-56ad-97bb-1458670e29a7", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a86694e1-5a75-55cf-a6c3-89516baffdef", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa416653-47e0-5cdd-8fcd-adc765c854e2", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4dc9d968-c541-50a3-a8fa-5e5469dd9dfa", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6f4e365-36b3-5a21-b2d7-4c182d7c6eb0", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4977a4c-a160-534e-a14b-38570115ca2a", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa4fb27f-2821-5e46-a7e4-10a1e5a78ed6", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09ab7045-1f55-5d38-948c-ae7a5370228f", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc56aa6b-fc0d-5dfa-9a68-cb57e46a228c", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a6c7027-499b-5e5b-ac97-82fd65904c30", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9a0314e7-dc15-580d-9cd3-6111f26d00a7", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:592e2b93-4de2-582c-b1f0-09991f41a6fd", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f052b41-653b-55a4-8fb7-5ac8efd13fc9", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:254d8504-4538-5c35-a73d-33d6ee1f215b", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.53.v20231009-tuxcare.2" } ] }