{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e6c7a84c-52e9-5530-ae01-461e256a0b37", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-distribution", "version": "9.4.50.v20221201-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fe37ae0a-84a9-5731-b0db-f8a6c85ee3ed", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aae2b6b2-c789-56b4-9911-196dae3df665", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0ace4d4-dedb-5c8a-8d98-ea3e90ae5f32", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a9679d8-af6f-543c-a06d-32207f572275", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9414e0d4-d4f9-52b6-9aac-6cb16f553a7f", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de5dd51e-2222-5736-a0a6-641e2767fc8a", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb3178a5-0f99-548a-9c81-9b599a998ed5", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ec76d11-72e3-50ea-a47d-aaefe149a553", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6437a8f-ef3a-5f61-899f-036d7adbde56", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:504c4eb8-7744-54c6-b7e1-24971a8a6dc2", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:061b82ee-df8f-5b4b-ad5d-738310431b3c", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:967c5cb6-74e9-51c8-b474-84d6761bb98f", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02dea937-c8f5-5ab1-b196-3fd11f242ffb", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0820e77f-95f6-5f86-8863-806bbc5c5326", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4fb3a9b-b8be-5764-8242-4c61a58bedb2", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77d3a945-51d3-5bfd-a101-c26efb860511", "id": "CVE-2024-8184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-8184 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:253ddcda-f24c-5aeb-9325-b3262c799c1d", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9861cda0-277e-5d6b-aaec-48f50b6e2d25", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4ce541c-e8c6-5b91-b79a-2b985430ceb5", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58a51021-2287-5ec9-b9a9-e9685bfa9c1e", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:447ed283-aa16-5a1f-b6cc-319446973eb9", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b347d25-400e-59f3-a096-6d0429927c98", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98a9f9b7-d149-5d73-b424-cc10f0500b7e", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-distribution." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-distribution@9.4.50.v20221201-tuxcare.1" } ] }