{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dc5cb335-e194-5596-afae-625950d641ba", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-servlet", "version": "9.4.53.v20231009-tuxcare.5", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:029c851b-4eb4-5175-b849-b7b52b5e97e5", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1d2d1dc7-5851-548b-b115-5fa6bcdc3148", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5234d20e-674b-5dd8-98f4-5992636481fa", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:21247ec7-5aca-5511-a952-1c79a3c9ba59", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1e36dda0-6647-532c-b37c-ac459c7ff6f6", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a967f0dd-5705-572f-9c5e-485ec5103a44", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:220b74cd-8976-53ca-9e3e-4de37d6733f0", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0292d1f9-a155-5933-beff-c0adc80924d3", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:78db85f2-30c2-5b3d-8408-1de02d218d5c", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ce57cc06-0fbf-5997-b01a-425e590dc835", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:149f5dbb-5b18-5c9e-8b02-4ae9f6f1c0ae", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:950e8a42-a3d7-5116-a01f-3653377f049b", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:724f6a47-3b8d-51e8-95b4-a285626ea9fe", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:27c52425-2ca0-5164-bdc3-b67fff1963da", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f5009b51-22d9-51ac-a2bd-c2e92e5165ee", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:255376a2-8218-5bf1-9f62-c986db601791", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:90972556-8a5f-575e-8e08-8a21fde77552", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ed666155-f9b2-5610-bea2-e3e2301cc3d0", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:29fc07cf-f19b-50d5-b6a0-d8cec6fba371", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:459e96e7-b14f-5877-bd5d-6be6a94eb7ff", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.53.v20231009-tuxcare.5" } ] }