{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7c979887-58c6-5cf4-b061-879430c0f05b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-webapp", "version": "9.4.53.v20231009-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:35a166fa-d1aa-5497-9e2c-330cd91ce944", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f5752d9-3ace-589f-9b8f-e1316ec87b14", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05ea41c1-aee0-532d-a6cc-5d4a6b90d2d2", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b193f8d3-76d4-51c1-b8b9-ae8824c5abea", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca63d401-25e3-5e74-88e8-5d6535788d49", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:793fa199-95a2-596d-ab91-4bfd3dda188a", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5be11ed8-1ced-51e3-af6c-7da504ba4d6b", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:855b0509-f982-5339-a5ab-2d574c7402d4", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63c9b3fc-b80d-5578-a63a-6f29afaec7f7", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37e5292a-ade6-5991-a2ea-afd0d3d57471", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea2258b7-730d-574e-958a-6e1266ebfc18", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32693704-ac5a-570e-810c-bb8887d83f8b", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c75c8f47-9e0d-5aa7-91f1-657821df5509", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4dd00ae3-38c9-59ba-a0b4-3e433285a890", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2928c9b8-6a45-5880-95d1-bab95dac11c7", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c6ee313-19a8-502c-b55e-4e90d5501087", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bed7371a-9507-5de6-b50e-22b96bae0f69", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:823573be-31ab-556f-9b98-180078ddea50", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66cb2127-7398-5426-9a1d-c049782a94a0", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.53.v20231009-tuxcare.2" } ] }