{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0a62a2c1-e644-5c1c-95c1-9324a4a41fc2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.fcgi", "name": "fcgi-server", "version": "9.4.58.v20250814-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cabc92b3-f79d-50bc-a283-6278852f803b", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d89ace75-15c3-51e5-989d-213182dc6695", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:617b5c76-e75c-5659-9264-465de3ab6344", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c63ce79-1abe-5feb-8a0d-29e6cc0c4a7a", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca85750a-81dc-52e2-ad49-70d2c936368e", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a67ceadd-2e50-57e9-a2bc-0f8535110008", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df1d7d47-8271-5514-95f7-34d2c32434bf", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3baebf3-a52f-5589-a756-98804447a9b7", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:974da26e-d5b0-575e-80a2-ce418bd33a5b", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66897014-fa8f-5d2e-a060-0950ce199ab2", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:375c2af9-1ae6-5d5d-8f99-77865d944bc4", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22a8b3c6-9f4e-56c8-aae6-3add72c83d61", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a00a57d4-acf2-5f42-9182-090292e0fff2", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9b434fd-e933-565a-92f5-a1b67eebae1b", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e44cfbf9-b3ac-533d-ba8b-cd98665f65a1", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a46e8229-0903-517e-9405-cb6a80afef2e", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b63d343-6d7c-521a-b3c9-cd02fec0080e", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.fcgi:fcgi-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.fcgi/fcgi-server@9.4.58.v20250814-tuxcare.2" } ] }