{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b869d3ed-f06d-579a-a234-047f687d4713", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-distribution", "version": "9.4.58.v20250814-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7c078a26-7574-5f5a-86a8-61008e0b9417", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72d261e2-b1e5-530f-86b9-3fada1ace7dd", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8756b887-bdba-5dcf-8aae-f634ce82cbd0", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:521d00b0-2d14-5bce-b42e-46343dfd4d2a", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3208ebfb-52bd-5da4-bff4-f206d889bf21", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55de1b83-30ab-56eb-98a3-65930bae2fb7", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0954c962-172e-5ff1-8cbb-7dd25235f885", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25687d1d-5175-5291-a3e0-2343250ab3ca", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29d5545f-d348-50a1-8a05-66cad369a0e7", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7343813-8f76-532d-b1ff-b2cec0a3ccb9", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7c32caf2-6ddb-5df5-a643-c60f2a58e976", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba439165-2f28-5f5b-b94b-9b66bc1fc3f5", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a4f1da3-63db-5afe-8b17-8045b0dd0586", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac0227bb-3335-554c-a6a9-ae2c987f3088", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:751ab3a0-f5c7-56cb-a46e-5238287cdc33", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4241f762-e564-54e9-8d32-52d6a7bf7be8", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9108bec2-895b-505c-8026-64ad78b4e7cd", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.58.v20250814-tuxcare.1" } ] }