{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c9c1349f-36f0-5a9b-a721-72ccfaf9b1d7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-boot-warurl", "version": "9.4.58.v20250814-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c9b8d743-92e7-5c7a-9117-41f1297e7294", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f709e2f4-2103-5b43-9e21-2c95586bda34", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93e401d4-a22f-5036-ac7b-f62d71157e5e", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef159b6c-e3e1-5b41-a8de-f8ae01237889", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f875e2fc-579a-507e-bc29-820fb29374ed", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7acfc17f-3a84-57ae-a6d8-41a3e08bc73a", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8629354-abb1-5b2b-9f0d-aa1c4713e75d", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:966da5aa-9bf9-5cdc-8e9e-69e8c7c153a8", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f15833e4-616a-5622-a1a2-17ebbd5a39f9", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:262a452a-8227-5f97-8d1a-b917ed541065", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55c80c5b-044a-5ae4-9738-723df3296521", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0448b82d-74f6-514f-9a8c-17f04d8d094b", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5951c769-dcae-5e2f-8988-940c90551daf", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e561cdc-5e86-5086-aa74-a092f744de3a", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61acf58b-f14c-53a8-8f3a-92994ef8b6bf", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc7899fa-24e0-5efd-8aed-59d79a57f893", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7f4d066-9d07-5d5c-8e2d-f209754c9c43", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.58.v20250814-tuxcare.1" } ] }