{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:bc652e9e-5a7d-56e0-91e7-946da5408423",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2",
      "type": "library",
      "group": "org.eclipse.jetty",
      "name": "jetty-openid",
      "version": "9.4.58.v20250814-tuxcare.2",
      "purl": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:3c54455e-56e6-52bf-a920-7c5149aee131",
      "id": "CVE-2020-27216",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-openid."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ff95779f-5f93-5b49-89ef-f8b25a28e481",
      "id": "CVE-2021-28169",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-openid."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5dfd133a-e0a1-59ec-9547-c1153bed1c1b",
      "id": "CVE-2021-34428",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-openid."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8a4c28c1-6e52-554a-9818-ba02e2fd0ca7",
      "id": "CVE-2023-36478",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-openid."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3be4c80b-debe-58fc-99fb-70737c26ea01",
      "id": "CVE-2023-36479",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-openid."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c467d55b-081f-58df-8820-d18c130c779d",
      "id": "CVE-2023-40167",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-openid."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:956f8c6c-2ea1-5ef3-8bb9-5c39c7528cc7",
      "id": "CVE-2023-41900",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-openid."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5e3eeb8c-9918-5036-b7e1-7531f2d84a2a",
      "id": "CVE-2024-22201",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-openid."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:fe1b4dcd-a64e-522b-bc74-b42a7d0917f9",
      "id": "CVE-2024-6762",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-openid."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6db42837-4ab1-50e1-a64e-6e909a1f154f",
      "id": "CVE-2024-6763",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-openid."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:491f9cf9-7f6f-5c8b-99bc-29b20a007a9a",
      "id": "CVE-2024-8184",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-openid."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:35831c49-5ce9-592c-ba22-0cd5bf529b16",
      "id": "CVE-2025-11143",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-openid."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f9cce5ef-74e0-502d-82c7-2dfcc46b4ca6",
      "id": "CVE-2025-5115",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-openid."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ac2e44fe-54fe-5ab4-b63c-1672141a152f",
      "id": "CVE-2026-1605",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-openid."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:92e260a8-6962-50af-949d-391eb221242e",
      "id": "CVE-2026-2332",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-openid."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2fdcc98a-dc59-5acc-b2ed-b935afbe80bf",
      "id": "CVE-2026-5795",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-openid."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7e596131-9621-5564-9c03-d2649c922fb8",
      "id": "GHSA-58qw-p7qm-5rvh",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-openid."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.58.v20250814-tuxcare.2"
    }
  ]
}