{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:382ea0f9-acd4-5a2a-a547-3577f50c5fec", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-rewrite", "version": "9.4.57.v20241219-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b05f628c-474a-55fd-bb28-76ff468cf357", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc804e60-8baf-501a-86ac-e673845daa91", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8964f56-a549-5df3-9040-ed162cc43671", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1bc298d1-6cf3-56ba-b529-a6e9031628ee", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21bcefee-b236-53d5-af01-ec2dc3f39233", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0eb2034-f4f4-586b-9c2d-ae7308eae455", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e48c2aae-6289-58f6-b776-6b8917b09724", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd445458-d8fc-552d-9a0f-afbdab6aac18", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ddf10ee-7a99-529b-917c-ebeee80d6680", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1dbf4838-9b38-5a25-8c6c-c724f1e9374d", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58e31121-7b92-51ca-ae45-53c5a4ff70f0", "id": "CVE-2024-6763", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-6763 does not affect version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite. fix for CVE for this version has been already backported by the original developers, so this brunch is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:94c3ae59-78b3-5467-9471-4c2aca8aae2a", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00271163-9e3f-5a51-8183-18c444f97cdc", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:09492190-1b20-551e-8ed5-40c1790206e6", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:57a35c27-0433-5a5f-8399-84120a2e8d9e", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e3d719e-c94e-5451-b833-26decf0ce676", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dad220ad-476d-5a78-b639-1ac53d487e28", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed367f8f-9bd0-5400-8fe5-70b22debdcfc", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-rewrite." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-rewrite@9.4.57.v20241219-tuxcare.1" } ] }