{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8b4fa2b7-f999-56f7-81c4-378e5e46b057", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-security", "version": "9.4.58.v20250814-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b21b0f13-dd39-54df-b710-56db8722e6fe", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e68906f0-d111-58cc-a7a1-5557911a6918", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5f8fd4f2-ed17-5ff3-b737-3d0733037485", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76b7ba43-1bf3-5174-9da8-7c0422fb9588", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f13b4f5a-3e1a-59bc-81c4-0485a0b951da", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0162e4ce-f86e-59b3-b973-f744575b5011", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbe3fe5d-c2c4-5bbf-a489-2ecb119a4c5e", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20fb747c-c2c8-50a6-ab81-13cff2f44f9e", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97d779cb-a365-55b5-bd62-0400a964413b", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cddf3297-60ec-57ff-a242-5a49cb1bffa8", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bfea7ff5-ad7a-5ffe-9ce1-cfb7efdc5063", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bec55939-b954-52ca-af2d-7f36f06fc84c", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ef7d06d-86d8-508d-a5eb-34d4bb8e5ee0", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9143e46-96a1-52b6-a4be-b5ab4ec9a16a", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0cd450c2-64bd-556b-9f9b-9f184aecf73e", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:956e7eea-e4db-5910-83ca-12d53b7bbe0a", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83c00d31-006b-5b5f-aeb5-1896cee7ecc0", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.58.v20250814-tuxcare.2" } ] }