{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1c63e1c8-272f-5daf-9692-f0721ac55f4f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-webapp", "version": "10.0.26-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:eaa2fee7-12c1-5084-b8cc-feff4e56889b", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:148dcbe5-c47d-52dd-bf38-7c5c94fdb2bc", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9d7dbba-2dff-55f9-a635-1daab76bf9a8", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0367a10-3132-51fd-92e1-8c8e52796658", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9228201-1e92-5b11-bfd4-fb21319f5853", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51a9bcf2-96cc-5201-a78b-c5dbb9578c04", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18bd727b-a34e-5334-96dc-7ca937602363", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9de5c741-aa25-5c98-88fb-15f3907991dc", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad248a67-ef13-55c0-b56d-7283cd72daa7", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84ded090-a9f9-5f16-a1df-da330a766b6d", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ddb60c47-b384-5a2c-925c-8c4fbcf8a5f0", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe0cae6f-fd16-5f19-8f07-2a939923ea6c", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2322a52-c525-54be-8f15-cf3ab7be4246", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f520076-9d67-5a0f-ba06-8ccfbc605fab", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5f95da8-c424-5d8c-8a16-5cd9b0f97556", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e4dcbab-222d-57d7-8f3f-06a6be628119", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cba17802-05b3-5cc8-8335-e8eb41c39087", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e897aa2-4e67-54ee-a4e4-2247b7ec8068", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 10.0.26-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@10.0.26-tuxcare.1" } ] }