{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:27ef0947-250a-576b-a221-4f4c8cd559f8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-runner", "version": "9.4.57.v20241219-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ecff95bc-d920-5786-a393-38c5722a199e", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12de5df9-fc8f-5de6-aebf-644aad4979fd", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08aa7b3d-3d12-57ec-a2e8-7797e55a46c3", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6aa7137-0726-5ae1-aecd-6396bb8a362a", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:446f13e6-62c2-5e02-8e3d-e47217df9e23", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8006ad93-0b34-56ab-92a6-c6679d48a3a0", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:556151b6-286d-5d3e-8eb8-a809f160c4e0", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61b26a2f-f4f3-5b1e-93e4-11f9452ee217", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eadbc31e-36c3-528f-b9d4-01f9af4d4316", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f908bca-dd65-50c3-85a9-bad322e084ea", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8a6ad79-d2b2-5e03-ba67-bde7d66a9fae", "id": "CVE-2024-6763", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-6763 does not affect version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner. fix for CVE for this version has been already backported by the original developers, so this brunch is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:449014dd-a5b2-5c42-ac21-d28a48829d75", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c0b94de-5d60-5dcb-b615-ac3b23b611bd", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3717b8ae-4386-5e29-ab4a-015ec0cf57cc", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a65a939-a2ff-5495-9dc5-ee55f59d028f", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:899cdb9e-737e-5537-a035-b45f118b4a58", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbca96c0-8848-5bf4-8203-6e601689bb52", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:168beff0-d075-53fc-b84f-d83400c1214f", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-runner." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-runner@9.4.57.v20241219-tuxcare.1" } ] }