{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:26462145-8675-500c-a24e-bb6c2cd9e8dd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-project", "version": "9.4.58.v20250814-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:13356dfc-8255-57e3-bd38-b9f60286922a", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16215786-5e80-5a56-93b9-f0d3a3d40d4c", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf7f38a4-a130-59ce-93c3-1052c8a63884", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:35b0d222-efdc-5796-9ec7-f6836c9e6b07", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95a9ecb0-b0a1-5ab6-ae0a-97f5e25f6b9e", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0230b111-2cb8-5175-9fdf-e52699826584", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:035d2a9b-af93-5cce-9abb-543fdaf02d8b", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:569b3074-b1ed-5d0f-a20d-6e2aa7d67f24", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80a07c30-3d5f-5d48-8381-0c9cec6bd692", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb0a4d2d-c98d-5831-9ebe-908f1c2aa227", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7474fb6-caa4-523f-a6ad-053559e620fc", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d9f3e784-5ae8-556a-a830-a7664b289230", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78adcc3f-a73d-50f2-8802-b7b78a9f54a1", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:86cf90b6-4a76-53eb-9bcc-04d21f26a9eb", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:82e19fd3-88b9-58c3-b32a-7540f2cc0311", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:851ad575-f841-5039-9884-a056343716c7", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:92f58f03-834f-56e6-9a47-abf0533c372f", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.58.v20250814-tuxcare.2" } ] }