{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4a889ec5-613f-5d19-bd84-c7c01cc66a8b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-project", "version": "10.0.26-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e370ab81-0e46-5b11-999b-6108058016be", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51cf00e7-9cba-5f8a-be06-2ce00fa8638c", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93be5681-7195-5442-aa5a-5490a89a4da9", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1da631e-3155-5481-8fae-9a8656650009", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0531902c-c6c3-523d-8ded-ee52a72ae970", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58dfe3d5-a347-5692-b7a8-2683b6d17736", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db7ac6b7-27c9-5bad-9aa2-e00fba75a1f5", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f486607-a1c0-5334-ac1a-64e291be29cd", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b19ef0c-fad8-5a82-b0c8-95fa3b9d218e", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72766bd4-69ff-5da9-b773-7e5243036795", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9430beb-1f24-558e-a81c-e81c04dfd3a5", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eaf6824f-a2f3-5196-9879-0171dd2160ca", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39382a57-08ff-564c-abe1-16b2d233af95", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1852077f-9979-5351-8ffa-7fab4acf80f4", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a67f661-ae93-593e-b2bd-51d7ecf53d98", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b24f11a-7494-5d96-b8c1-17bd5a65ed84", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a3afa8b-3e1b-5a3a-882f-c105eae314d4", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e40ff6ac-bd70-500d-a6c7-cc97d3d5db80", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@10.0.26-tuxcare.1" } ] }