{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:30d6ab97-9d0a-5639-bda8-733eaf0b45f5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-spring", "version": "9.4.53.v20231009-tuxcare.4", "purl": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:407e9101-50dc-50ae-9244-bcd3eae11052", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b4d68fd6-55cf-5fa7-8046-cb3c7c1a953d", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2c3bb360-46fd-586f-b536-377db19643af", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0270e2e8-ece1-5665-b270-020d8819b4cb", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:548a2c57-fbb7-5d85-a3f2-92adf68459e8", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:64ce8dcd-9af9-5354-a01b-0a837339f899", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c2c8514f-599e-5da5-aab0-eb0aa0524a07", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a2ecfc41-4cef-5c03-a80e-39caad01a270", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:81e63acd-9d84-5611-8a19-38848b3527f6", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d6d445ff-26cc-5c63-a837-5b0fde76884c", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f092fa8a-b422-5826-a876-fa027b0f4a5e", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0ae83f9e-1226-54cd-a0a7-8596e8c5369f", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4de17581-f1bd-588c-adca-d763e0f8a9ef", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:63b5d6ea-b1e9-5ca3-8002-e736a0941da8", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ada79444-122d-5762-be35-bf922c9ba692", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fe94332a-36a7-5116-965c-841f4a232534", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a8e34a4c-b491-5b59-9368-39f2b448c981", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e320fdf-b6a8-540e-b430-288cf30b98f4", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac8f50ce-d2c2-5c12-acdf-a9bf2beb3367", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:88b25f72-1690-5474-9ee3-3375e01eaa06", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.53.v20231009-tuxcare.4" } ] }