{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6e9b9101-bd1e-5c21-8acb-c6481cdf3c90", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.fcgi", "name": "fcgi-server", "version": "9.4.58.v20250814-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8b5b4e6f-fb21-5de9-8ab5-b1111dcbb2aa", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3896e8cc-5271-5302-859b-3b8a4dba6844", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5588eda-e32f-560d-b64d-34f17e46d765", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4d8c647-1219-5bda-81e2-a84960dadc7d", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba9fb72e-4879-5302-8c9f-4a7545372a69", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f851fb4-090e-59ce-bfa0-eca0a593e66c", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9db48129-7c3d-52a3-ac50-e959cdba00c7", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4219233f-fc72-52a1-8c25-6686ce9405b0", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a907575-5a43-5690-80aa-4383dd217b54", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac8f229e-e6ed-52db-8742-bb256a729278", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3df463aa-2293-5ee6-bb14-48793e8824d0", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ee6fbc3-9a9b-5342-98a7-ea977fad323f", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cac886a-aab2-54fc-8551-4ea81c4b9cff", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b729a4d-db39-5a0c-a46e-25502f65fd51", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f93ea0b-18d1-51db-aadb-88ed1065aa3a", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fce542b4-8da7-5196-9ce8-dc289f4f01c3", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a36add22-3afe-5d8d-abf2-2d45b940c6b9", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.1" } ] }