{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6c0d4cc4-d6ea-5a1c-b1f3-8cca2d5bc01c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-quickstart", "version": "9.4.57.v20241219-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:aa50ecb1-c425-5b2c-971d-94ac0a51986a", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a37da4d-27ee-576d-9bdd-714867f16c9a", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77480e12-23d4-5ac8-a5ba-af7008edb775", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79b616ac-0cb3-5f97-bb25-74defd8b802e", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1bd5e0de-6b06-50b2-a96e-e5b10f007158", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5cdf9926-7e77-5811-8c0a-151e7e58f0f0", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b5e7ce3-15fa-57ef-a86d-3d825aee806e", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40dd2300-2c44-5419-a36c-158c621c6baf", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7c38563-a5ea-5567-884c-9ecc1e01b6fe", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2fee0410-f4f7-5209-9398-9bd121c248ef", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3a1552a-7895-5ffe-a0be-66640583cb0d", "id": "CVE-2024-6763", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-6763 does not affect version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart. fix for CVE for this version has been already backported by the original developers, so this brunch is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7fe2a1a-cf9a-572f-b0ad-f1ca52584a9a", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea8a5863-935c-56de-93be-312c893d4ce8", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:99670107-b2d2-597b-8db1-aaa8c1f857e8", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dee0aa1f-7d48-535a-9447-16aa39fa9e3c", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88cf5e64-72cb-53ca-bb9b-5e888922ed01", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:462e3171-aa52-5920-b199-4835b4df51c9", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d241ce5d-4bb9-555f-a962-ef6b41cc8cd6", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.57.v20241219-tuxcare.2 of org.eclipse.jetty:jetty-quickstart." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-quickstart@9.4.57.v20241219-tuxcare.2" } ] }