{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:59fcae4b-2949-5f37-90d0-af1f649946ef", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-maven-plugin", "version": "9.4.58.v20250814-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d91fb033-7b3e-5ca2-9bbb-5871c119b181", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df3f2424-db71-5f20-b1b1-2605a3cd374b", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6223ac8c-4fba-562c-babf-149be5a52491", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25a49080-453f-5ec1-93c9-a0959341ec4b", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:095cc8fc-c1d7-5d6f-8e5d-d3371adbc043", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8a818c6-f522-53e2-9a2a-b62782b9048e", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c74289f9-853a-5655-a1e8-2c2d8eb044e4", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a76bc58-0603-51e2-814e-a6209b099f85", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:340f5ff7-e9c7-54d1-8454-534d3b5425c0", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c677d568-c141-5acb-92b7-226a7437223b", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06a1a082-a44a-5ff3-8626-a312553b0e69", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42854c3d-6875-5598-b699-2b235038a3ef", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0898053-85ec-5d0a-b5ee-6aa55e826708", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b090f9bd-d970-5ce3-a480-2fe08ed925b0", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:626f63b2-579d-506b-a2a4-8d00cb39fd3b", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:57cadd7c-8ca9-530f-b8ec-73dbdfbce79a", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1633e579-f384-57fa-b245-a1e875447881", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.1" } ] }