{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ccc77f6c-66d9-5351-adbe-3506658ae13a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-xml", "version": "9.4.53.v20231009-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:64b17059-3edc-54d1-a4ca-510e0bb82144", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:383d58c8-a6ef-53d0-9934-51c54984cc7a", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a0f18c7-0337-574b-ab2b-9917f6a66a31", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:317d2262-773b-5235-9601-5f74782a8247", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2c4a775-5969-5521-8104-e9fbe44d4f17", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b99ff0e-3e63-5ca8-8f19-6db8c949cda5", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a7f1b604-c6e5-5a7d-9cb9-c78215d8d51a", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18855ec5-7ef9-5fed-b92d-c3d6bd540975", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c2cbf130-fe09-595d-a14d-beec16e46f48", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:665633f4-b785-5bb3-abe6-5223e2341e89", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d992fcd5-0596-5365-b1d6-364b27cd1601", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3343a981-5753-53ff-aff3-ff851b0b8d95", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:27a4ee05-f5cb-5f8c-8479-529467d913e9", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ebcc3d9-ee05-5ea3-a96e-43101557cb83", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a7229a4b-87b3-56e6-8b8f-404b1ba05ad6", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:93088e68-dae1-5c48-a295-ed3778bfe765", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78ca274c-b5a0-53f0-ac83-e52cda4737a5", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80c5690d-7622-5107-9375-b9d18762989b", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:96d88d78-936b-5ba3-801a-db725df1e57f", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.53.v20231009-tuxcare.3" } ] }