{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:04f81f45-15d4-5f1f-847f-3b920c599530", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-jaspi", "version": "9.4.53.v20231009-tuxcare.4", "purl": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:03adbeea-67f0-515f-90e2-b03ec473556b", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3dff02e1-9818-5528-a430-a797f1ad699e", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:12093e29-3a0a-5828-a20a-70b76ef03273", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aecaa36f-2187-5dcf-8c65-3b3fe8a7c3b3", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6d456809-ea9d-5ef6-b4d0-1972decfcec5", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2274ffc0-0c72-5750-b2d6-3d7e3563bbe9", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b9ab1e06-9f81-5099-8880-513651795fcd", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fa31b9ae-05d5-5bb3-8608-729d81ca4812", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:caefbce4-5807-5da1-b352-5d2153cbf647", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:93759b33-4311-5d36-8fb7-6ecb527f5f4d", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8a2a026-7fd9-50eb-aef4-dde528401cf5", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f1adb951-88e4-55a3-9a76-46870204daf3", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:947eb88e-9afd-58e6-80b1-4ba894ab86ba", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a501ba6f-af54-5e3f-a636-a1f9ba546b43", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:54eff086-f554-5320-9036-5aa14d64c9b3", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a5eff3da-7765-5ba7-b2b1-5741eb4d5bb8", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e5779c91-8a66-5869-8bd6-fa1f4db5ba99", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cfcca0fb-da77-5f7e-9dd9-dd1a7a8d6d90", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:762a358d-b4e4-54c6-9a1b-c8fa4dd4a9e4", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7dcedd83-49ec-534e-aaad-5b666f14b2ee", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.53.v20231009-tuxcare.4" } ] }