{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:989db679-ec14-533e-9481-80cdd11c0d14", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-openid", "version": "9.4.50.v20221201-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:829433ef-71cc-5136-b50d-1e7d052e9942", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ed52050-19cd-5222-b033-dc584d8f3424", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:628b3898-d637-5de3-b349-628bf5d192f1", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6503d34b-07d7-5196-a07a-4ee6f18afe00", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce070f26-48ba-5756-86a6-31d77298cc95", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18cd210d-f672-51e4-994a-718f3199f7d2", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac31c07d-bfde-5a4e-8775-3600e4e4a3a0", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12375a26-94e0-5c29-84ae-25e2afa80671", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f7c29bb-d9fb-5b91-ab13-361f3c06ce1c", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c6c149e-74eb-5a25-a220-0b08578a96fc", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a83480e-6e52-575a-90ae-7c5e15aa889d", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f09c7ac-2104-5500-9319-6385ea0a3dc5", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8bdea1a0-6050-5c8d-9a71-e006e61862f4", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac7dc5e3-29ce-55aa-9f16-330d7311aa43", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68e00313-f9b1-5c5a-b97f-a10f6c78b9ba", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2617ed9-4f78-5d13-8161-dbd1b6dbe6a0", "id": "CVE-2024-8184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-8184 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eda051ed-e472-5ade-8986-3c0d85c7e34b", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c2aeb61-2562-53c5-9e97-37a2b4e40b2d", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa404941-2814-54a9-b917-0923e63a57df", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ac93683-65ec-5b4c-8144-bf5c2c463318", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:401335e2-4543-5c43-9bf4-34198f09877f", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95466f29-d4dd-5d09-9527-67699629ecf2", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:daf203db-06cf-5562-b007-74a1f3092775", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-openid." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-openid@9.4.50.v20221201-tuxcare.1" } ] }