{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5a272039-5f3f-586a-9cd7-f230c763d2d2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.fcgi", "name": "fcgi-client", "version": "9.4.58.v20250814-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b6825152-4282-55dd-a442-3c42d8229a47", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4a98d08-cca5-5856-85a0-6425ab2a2cf7", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:177e48bc-f568-5735-bed9-5589437c51fd", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4cc51d3-7f39-5220-86f6-42ac36d4b173", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c63f61e-5719-54f3-ac88-e2ec1fb456fc", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5361682-4cd3-5df3-89b3-df2af546bd9a", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21c7c56b-ad61-5a23-a98b-dbe1f73d37fd", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b727ac7d-178e-5157-95ba-e2c2006d3a18", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2d30266-adf0-5f39-96eb-0f987e948b86", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:411476b2-6758-57ab-8ebe-b85e3a17faab", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe10f2b3-3e67-5457-b1f6-2f7bc6dc67c8", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5930178-5b19-5b84-a44d-5c725313d399", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c5d1793-7b61-5df9-baef-7e3dee989a12", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ec1cf60-243c-50da-8ff6-328491cd59a6", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c06a5ce-e18d-5c40-a916-43fd6843c1ce", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1411240b-e86c-5d55-b43a-83489cd95ca0", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ceef044-3428-5db6-8899-7e80473eda50", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-client@9.4.58.v20250814-tuxcare.1" } ] }