{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:254817d1-0ff5-5185-b5bd-0a64bf901ffe", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-spring", "version": "9.4.53.v20231009-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cf83abe9-e34e-5cd9-9330-896b619dc42a", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b5b1683-01fd-580a-8232-cd86c7f46c1e", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:43071dfe-3374-5677-a21e-870f947b733b", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b86e9b4c-de1c-5403-bcf1-dca951b249d4", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2055ac95-d381-53f6-8beb-165433c984ad", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3af1284f-87da-57dc-b2a5-0baa0336c6fd", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:315b6816-1ef1-5f2d-a7c2-1a5100e53f28", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3bd10f88-bf88-5e77-b406-7057ec1fc986", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8cae0e33-59db-5468-8caa-685b69ebe6fa", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:85ff8aeb-6be0-503e-9d3a-403753fd8c92", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:86a30faf-56a0-5dfd-88ee-5b45cf478865", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb435982-7286-57f1-ac67-4afbe34912a1", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:244cf518-2168-5802-91db-a70534fdf6f4", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:50ac5195-7045-5975-914c-afc5f9a1a841", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ecff277f-fbab-5e1f-ba9c-f0dfec3b474d", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f144098-4e26-572b-99a7-c52ce4575c79", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30aac873-fe51-52db-879c-b2274480ce4e", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a5b3d02-7b95-5740-af54-b37310a8c1b1", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8784774a-8b36-51e5-98e0-aab695f100b4", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.3" } ] }