{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:90a76e4f-40bf-5194-b348-231b28b39b06", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.fcgi", "name": "fcgi-parent", "version": "9.4.57.v20241219-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d6842ff4-dce7-5f64-8335-34c962d1313c", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a45d5414-da9f-5aab-b4e3-8d254e491501", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:180e8ff3-79c7-53f8-b572-decafee6b8bc", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4c1de44-fbf4-5fcf-ac8d-4ac0be1f843c", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08b46e6b-b2b1-5d13-b501-d777adfe2c0a", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79dfb527-4a5a-5926-9096-15fed02016c5", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e286359-9127-5c53-9e56-5f7bf9377eb6", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e96eecf4-c9b3-5104-8759-38f171abb11c", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:610f4ecd-89d7-5ffb-bc27-9f69740e39cd", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1631acc8-47aa-5dc7-8ebb-7e95d0663c48", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78f1a2bb-ab97-5188-a972-1eff9aecd052", "id": "CVE-2024-6763", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-6763 does not affect version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent. fix for CVE for this version has been already backported by the original developers, so this brunch is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b56a20b-e003-528b-bfa5-bdd12cdc7a96", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:553a8ac7-1387-5a1c-8757-9715736db464", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b2590493-f219-5afe-a80f-dd17af8a0191", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eaa4d7ef-9c7c-5d8d-a2aa-b717b9f91be0", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f999064-3c4d-517a-a220-8ff5427feaa5", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b0140e9-c800-5f71-8e91-c44e274d7b35", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b2d0ff3-ca5f-5bb6-851d-147e3b1ab007", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-parent@9.4.57.v20241219-tuxcare.2" } ] }