{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:d69d008f-2902-50e7-b1e7-4dfbded91b6c",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2",
      "type": "library",
      "group": "org.eclipse.jetty",
      "name": "jetty-servlet",
      "version": "9.4.58.v20250814-tuxcare.2",
      "purl": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:d8a61d5b-2bcb-5001-9b95-d82bc9e79d89",
      "id": "CVE-2020-27216",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:49e8903b-8b3d-5663-8c2b-a6cfca09406f",
      "id": "CVE-2021-28169",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:83fa2545-b640-5dd3-90d0-546e3634623a",
      "id": "CVE-2021-34428",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4e134f77-8f15-5f2a-9f5f-ff6bc681e157",
      "id": "CVE-2023-36478",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0222ae2b-9676-511a-87f4-65318973faf5",
      "id": "CVE-2023-36479",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0b30e7f7-8cd2-51be-a1df-7b4e9def5092",
      "id": "CVE-2023-40167",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:07a9e37e-2747-5180-a9b6-836f898bd559",
      "id": "CVE-2023-41900",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2be8bb78-5195-5e7e-9490-ca8f995ce69f",
      "id": "CVE-2024-22201",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:cc95ab8e-f4b8-5244-91b8-be0e2447d972",
      "id": "CVE-2024-6762",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:61b8859b-7eb1-5e18-abb4-081e16862051",
      "id": "CVE-2024-6763",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8c3f63aa-4b43-55b1-9f6b-828516a0c4ad",
      "id": "CVE-2024-8184",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:80f1fae7-8972-5624-9020-c74315beb9a5",
      "id": "CVE-2025-11143",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:dae1e505-5a40-51f9-8869-8d850c6ca16d",
      "id": "CVE-2025-5115",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:837c68c6-9b59-5e01-b101-f984844200b1",
      "id": "CVE-2026-1605",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5498d250-5157-5c35-8feb-8e5f0c4ff701",
      "id": "CVE-2026-2332",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4eb8fe05-71d2-554b-aab8-e8ae13c2ec30",
      "id": "CVE-2026-5795",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:11495342-ef47-5320-8cd1-574c0f7dccdd",
      "id": "GHSA-58qw-p7qm-5rvh",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-servlet."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.58.v20250814-tuxcare.2"
    }
  ]
}