{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5e9c167a-efef-56d1-b02c-304b29f4822f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4", "type": "library", "group": "org.eclipse.jetty.fcgi", "name": "fcgi-parent", "version": "9.4.53.v20231009-tuxcare.4", "purl": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2667f9fe-a5fb-5d76-bb00-95616f49c220", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:836e16db-2310-569b-bf0e-1d1fcc7d99d0", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4bac985e-fd2d-5bba-948b-411cc42b4843", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:710e741d-3f6c-51c4-b139-d4c62ffcd90e", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5033594a-d83e-54a3-b7cd-4c4418784580", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c392f05b-8ce0-5e91-a7eb-ebc1ff014cb6", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5e064bd9-87ae-5eff-850d-87e31956facc", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:698f5315-0031-5468-8978-23e073cce3c9", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c6179d15-3ac0-5fd1-ae56-49adad115e91", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:17e8e411-8874-550f-a476-334ac52d6c18", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e33ca799-d088-5c55-a3c7-57d6ae7f62b9", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5b011782-22a2-570e-a5bd-07270f2dc720", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c51ac51e-0db0-5929-b40b-3a61d64c0e39", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:76eaf886-5d72-5e25-855d-cb843b46e54d", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:acb0b31a-1cf2-56b4-a878-6441136fb5e0", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:841fb5b2-64aa-5bbf-9d33-4f00972cbb4e", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:acdf0be6-2335-547b-85af-d170b4608200", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c828505b-8c13-5ce0-bf26-0fa9157e7c67", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:679bff9a-00d9-52df-b8bc-0619c929b79f", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7c5f3793-5f3c-574f-910d-c5805a1256e9", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.53.v20231009-tuxcare.4" } ] }