{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6e202013-4738-5271-a6bd-8051f029a78a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "javax-websocket-client-impl", "version": "9.4.53.v20231009-tuxcare.5", "purl": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7a03a338-979f-58a2-8119-6ab14ff9ec27", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a948a322-aae1-542c-8382-664af0413038", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:960a6c66-a199-523f-807a-bc9ce7c7c66b", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:febdf6ac-23d0-568b-b920-2e29ee9aa360", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:24c3df26-251a-58cc-9d94-3e1b24e7bc38", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5f04c1c6-8cfb-5f1c-892e-0954f7400b8a", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6f810512-ac23-5acd-8b52-cddc210aeb2d", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:588251fe-57ac-5a06-846f-787dca81b0f0", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:924828d4-d948-5bf3-a220-0c490223fa19", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c4b9d471-0778-55e5-979b-28d0a1862025", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:42c58e63-e635-5fab-ba0f-24893ac8ce39", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:774cf3fe-5b7e-5ffd-b023-94ba4a2174e5", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f3b2f2c5-1980-54bc-838f-250d1e32f71a", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:984ec417-fae7-5e5e-ba9e-6351da355693", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2aade935-27c8-582c-bbaf-849a4846cac9", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d0c659a6-3acd-50ce-b20b-b9708b37ec88", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b461f0f9-6efc-55e1-9aef-163e0d69dfc5", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:acca0bf8-b92a-5771-94f9-a97a3cb56ffd", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:35c08c24-5f89-5a3b-b432-549adf5c069d", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2148b9f0-1569-59f6-bdc2-0e0029a7b968", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.53.v20231009-tuxcare.5" } ] }