{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f024800b-0721-5d65-9776-f3145d57e07a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-nosql", "version": "9.4.57.v20241219-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:45199886-2dfe-518d-9c4e-81c52f8b33cc", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06d57296-1b22-510a-9520-f7090da84af0", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34971898-02ca-5345-95dc-0fc8e0216cf4", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5e90bb5-6e3e-5fe1-82ae-8e2c90667c48", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f33aea43-3aec-507d-9bc0-4dc8a75b8728", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f399e59a-e625-5beb-91a3-0e2294f21700", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34022277-232f-5519-ae1e-2239e35383cb", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:345355ae-538b-5d3b-94d6-1494630f318a", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc950f9d-2e95-582b-8abb-4ffeed41e23d", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e1fd988d-07a8-5d0b-8343-0688d8ca52db", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:82a03194-63b3-5e0f-b733-b3511cd4691f", "id": "CVE-2024-6763", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-6763 does not affect version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql. fix for CVE for this version has been already backported by the original developers, so this brunch is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e89a25bd-aa69-5a91-bb7c-8d16123c7193", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dbf91277-1a10-5139-8e29-b9f499235a91", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fac7ad77-7ea2-52b5-8cd4-d84c56e50bde", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3b6cd4e-c263-596a-aa1e-633d57a08eb8", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c93c55d2-d32b-5994-94a4-3f50b6d03650", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c0840cc-84da-569d-991f-ed01fb615c65", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5f8ee7f-2de5-5092-a0a9-e06743bd8dd3", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-nosql." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-nosql@9.4.57.v20241219-tuxcare.2" } ] }