{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c26c06fb-c1b3-543e-ba4d-903e444216b2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-httpservice", "version": "9.4.58.v20250814-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e94fac4e-dc7a-5503-9383-d9b4dc0f16d5", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:582d21b0-90a2-593a-b47a-cf1c872883fc", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d2e071e-ce52-5082-9717-4d4bf0a11710", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93c313b8-1b4a-5557-abe3-0fff53bf5fe0", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7bada2e7-c578-512b-8cb1-f69ae6a43f0b", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6a1acbd-ac12-5f38-9bbb-d8d2fef9e09a", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee1b0c41-d51b-5a32-897c-0bc5a1e598bf", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:025949f4-5152-5f0b-8748-70a18243f194", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:acb06020-3d97-5216-89a0-e1115f161096", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec9bf67c-6b67-51c9-81e9-1913e9a63345", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be2e504e-7664-59b4-afc5-1abd18393e8e", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db49ae9c-6823-5e06-a681-cadb5c8911d3", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5100d426-4fe3-5073-bfac-a9f5ee811c6d", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34dd1854-ac2a-5465-8390-6261114d897d", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe0982d9-2825-57fa-ae42-d182b8db269f", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e9fa036-a195-52b6-bba8-1df0c918353e", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c425c905-0642-58c1-a5a5-74ab8accae96", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.58.v20250814-tuxcare.2" } ] }