{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e2e90085-d564-5aec-b792-3266a1fc7667", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5", "type": "library", "group": "org.eclipse.jetty.gcloud", "name": "jetty-gcloud-session-manager", "version": "9.4.53.v20231009-tuxcare.5", "purl": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4f7395e2-b682-50e0-854c-b6e6a2cf2359", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6d1c8e74-6628-5c88-b0f0-23d1c39c824e", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:460d66ca-267c-5f01-ac6b-d9829266bf85", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:65b78cd0-613c-5e7f-9f7d-725ca3edaac3", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:03c3d245-1024-5d99-be51-ed664af9c1b7", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5cfd53f3-21f8-5b12-a160-a62b751c651d", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:21b042eb-f8f1-5da2-ba98-77ee736b7429", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d4d13be0-44fe-5b7b-9c5b-f6c994e2f47a", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:10b2a66a-51a7-51ab-8706-1484da1fb0d8", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b206b015-ce29-5648-ac7f-970dd235a728", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:70dd7f1c-e92c-5d7a-84fc-8d2a88e8e6ff", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0de547f9-cf8d-58c5-ab2b-525314777949", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5d3ff958-9a06-5928-bc2c-35e259648a7e", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b8719516-41aa-582c-95d8-8d2398a12c92", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d3be6f5f-1742-5ba6-972f-f795a90d77dc", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ba8fbb85-9492-5616-ac00-362d66966179", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bba673b4-419c-58e6-a58a-e88b98a10be9", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e4ce89c2-2612-5464-9f9d-82faf367ec88", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:99f5687f-1673-58a2-aa85-fa1225658cc3", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3f891dc1-e560-5550-8099-3b52fb5b4b75", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.53.v20231009-tuxcare.5" } ] }