{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e0631e9e-db4d-5111-a82a-5450f4c0f74e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-hazelcast", "version": "9.4.58.v20250814-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e335b188-da35-583d-a4e9-c6f7e92868ea", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-hazelcast." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e066a39-965f-570f-940b-ae6eacd7c52c", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-hazelcast." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a5fede0-cfb9-5616-963d-f53b99f1b822", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-hazelcast." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2cea36c-983c-509c-9976-76ae255e919d", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-hazelcast." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:921859b7-2df0-5f00-a385-5757597081f8", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-hazelcast." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b3d4f7c-0f26-5f28-bc12-f82be8530a9a", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-hazelcast." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dbe9d193-6da5-5277-90cb-d8f8793f0adf", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-hazelcast." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:922b38b5-5c4e-5df7-9741-e46744530b90", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-hazelcast." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f5ecb53-c7e8-5433-9ef1-5cb85d0b8eda", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-hazelcast." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0413ffff-e44e-5f64-8a3e-9b3960492a1c", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-hazelcast." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5cd939f6-c26b-5e9e-8896-9b06e7b7286f", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-hazelcast." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a0ac99b-dda6-5fb4-8fc8-afcfb14f0574", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-hazelcast." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbbdeec4-fdd3-58dc-b9c5-a15fee841448", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-hazelcast." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2daeeff5-aefb-5e7f-8e9b-0df3cbffc5ff", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-hazelcast." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25c9ab39-54fd-52f0-a5b0-01ee70d48add", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-hazelcast." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95a29a5c-3f4b-55c8-9d5e-f1b3bc112992", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-hazelcast." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f541fad-b141-53a0-af26-de39e429a42a", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-hazelcast." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-hazelcast@9.4.58.v20250814-tuxcare.2" } ] }