{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:45c77c6f-9a28-57b8-9b0a-d99fcefc2795", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-servlet", "version": "9.4.50.v20221201-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:06d17619-af17-5a2e-8f95-09149fb585ac", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa3a857f-4cb3-5d3a-81d9-a0c077b8acb9", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a3405ef6-d02a-543e-a0db-4f51b8b651cd", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2940b66d-2505-5e54-9046-a01041612fed", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:566f34f2-2e24-5a08-9dd5-395e8b026a39", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c070df4a-4510-55be-9acf-e82877942c34", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc2fba4e-bd81-59c2-8313-f011ff8e8c05", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38b5d078-4fd5-5979-9612-992543bcec92", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f2e3add-3d4c-5fc6-a0bc-5d4fd7cb18c8", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14f5aa7d-699c-5628-8ef9-44d555642bd4", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f393785e-3d80-51dd-b5cf-1dc300d9531d", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4dede2d4-b43d-5fb3-b494-4371f58ce4b1", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5dfc5387-fbb2-5807-ad42-195ff549bdce", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7bfe61f1-d380-56f0-a23d-9a49142d7785", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:104e1ea9-5efa-560b-80ae-3dcb5f6710d0", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8f6db73-bffe-5459-ad72-8a7366369cde", "id": "CVE-2024-8184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-8184 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ec66e55-c971-5494-87e9-4a941e8a52fb", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:374a48c6-2916-5433-88ff-461dc14ee9c0", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a6775283-d8df-5d1d-9d1a-0866b8514aab", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba4131ea-e0e4-5025-aca2-d09f7f9e1c0f", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b25e448-9034-5e72-8894-05f8eacd63be", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4cfd7929-493d-5787-8c52-31a6bd2088ce", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87786554-aa16-52d5-a77d-d81d9d057193", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlet@9.4.50.v20221201-tuxcare.1" } ] }