{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c75b7c14-6da6-516e-b0c1-e40eaef51462", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "jetty-websocket-tests", "version": "9.4.58.v20250814-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f01a93bd-4585-5cfe-a87d-2a1f3ea65869", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34da0635-c592-5c9a-8d6c-beb5699ee2b6", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27e58d46-93e9-5e74-ae09-050381297993", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a8afd1c-e5b1-5b6e-989b-2019104e6962", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf3de0b1-eb4f-550f-9bf4-37ac928f08b8", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:709680cc-d12e-56d7-b310-3c4de78a0f20", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:703977cd-d563-572c-8819-5d63cbdda0d5", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3371d76c-a543-5c33-96f7-d07535c1e3a4", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1406c1df-294c-5d07-81e3-134a0ea7873c", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64d65077-f630-5fa5-95e8-decda3053345", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ed5a6df-16c9-5870-b468-13080dc10f3d", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:975a94be-eb4e-5049-ba83-177250be1202", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d33a0a8-194a-5b41-99f5-a3987861fbe7", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9085234c-9556-506b-8fde-91cdd329e134", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eba2e623-96b6-563a-931f-0dafed3f6bac", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dabb395e-cfbb-5764-921d-e98f0adfed5a", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4cac762f-83f3-5ec4-8462-52d5b1ffa911", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.websocket:jetty-websocket-tests." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/jetty-websocket-tests@9.4.58.v20250814-tuxcare.2" } ] }