{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bcdb4dee-86c9-571f-a7d3-00a0a4dd62d4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-unixsocket", "version": "9.4.57.v20241219-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3968a075-15d2-5892-adf4-89aa3cba9a22", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:edfb6186-0eda-5053-bc1f-74980524e337", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f071ba0d-85e4-562f-a9b5-6370065a10c3", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24e510f7-a1f8-5e48-a47e-d335c1164b16", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5554967f-01e3-5228-b82a-012f5ccd624e", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e8e9cf3-3e08-5254-9d13-6f13da4a84cf", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8bee6d3b-5bb7-5463-a3c0-6518d656ef74", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43cb8ed2-ee21-5d01-822d-f659efd23e46", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4233ee53-9490-5760-a7a2-9f813cb31e83", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a395affe-2582-5589-94e5-0720285b2a00", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d5709c6-b1ac-5743-bf8d-64527c2fd99c", "id": "CVE-2024-6763", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-6763 does not affect version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket. fix for CVE for this version has been already backported by the original developers, so this brunch is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22c0675c-db47-5ba0-a453-3488b3dbd8f9", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f27064a8-f1b7-5651-a3c3-8d93b8dafe80", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed399069-91f7-5887-aa20-15533f36577a", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97e1212c-4b00-57d5-9349-8343f0720e9c", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82f467ad-6471-5ac7-9f9c-54083b5374ee", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad929403-dc5b-535e-9eb7-67586b90b33e", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dcd5509e-9208-5fee-8eb7-889cd2595def", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-unixsocket." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-unixsocket@9.4.57.v20241219-tuxcare.1" } ] }