{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d004d33a-fb66-5c1a-9e72-12846f0c52b7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-servlet", "version": "9.4.53.v20231009-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9a32a0d6-1918-5282-ad86-9eb65d59e48b", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eca2d6a6-bf8d-5add-a146-606582a8056c", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:110f7122-7274-528f-9570-396985738004", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:381fdf2e-c6c9-5274-88bd-9f106149e4ca", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b17f63e-730b-5b5f-ab70-3ef3312fed2e", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a49e01a9-94ab-522b-825c-d4fcaea89355", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fac884dd-a440-54db-83ca-b92b18ff8da2", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f9ee382-cd1a-515c-9f60-7241048238d3", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a12071d-7027-5ff1-b6fc-85c606db9957", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73474813-0266-50ee-836e-45e18c50de0c", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6b526f0-3021-5b87-83bf-053e9282829d", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b3d17cb-0293-5e22-9c6c-c42117563390", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:226dbe3e-9227-5944-a490-14055caa93e8", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0d95e0f-c0ed-5233-8c29-70d6be8a0ae0", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08a7ed36-78f7-5944-824e-72d21ce98b37", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cee0a40b-3efd-588e-8959-76404c444f9d", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8fb291a-dca4-5452-b4bb-7a78848cfbf3", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc65c5ef-a631-5fd7-ac29-2033a1d3220d", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf306952-53ee-51c6-bb3b-9ae7618a46a6", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.1" } ] }