{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:964e89e9-45f9-5064-bc96-702147e7cac5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-servlets", "version": "9.4.50.v20221201-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:87c28403-b7b8-5487-a8d0-e2082aeb9fe4", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31e244e8-dc88-5b14-a58c-e7e214f089f8", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2dbb64de-561e-5652-88e9-76dbc6c0d98f", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:606125bc-63ac-5a19-bfd4-8e229f187ba9", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2eb1f400-a84a-5ad6-90f7-2ac8dd6ea1fd", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c6acbf1-f079-54af-8d28-99fbda8b04e2", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf643b62-add9-5c62-815a-b22b88bfd844", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:696a7552-91c7-5bed-ab2f-9b81d5e8a44c", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:410ec571-1d39-5a09-97b7-01a1c6d5e874", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37f8f016-2945-5890-a3c2-ae303aef3fb0", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0479a145-4d0d-5d65-ad95-b1d7a5d9ee70", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da037d3f-41b2-5ba7-9da4-68d7b17b5d19", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:edce33db-7670-5d58-9469-312591357be5", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fff84787-d354-5473-b3e4-889defd3fd4a", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:57a2e40b-1a43-53d7-af16-e6fac0545bc0", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d276b92-6d16-5b31-8e52-704b0532b477", "id": "CVE-2024-8184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-8184 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31320f55-4942-5d2e-b3e9-87f63b048d86", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97b0d944-4655-5133-95a0-d0f9beacc190", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed7881f1-5f3d-502a-934a-7fefb439c430", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e48fb9b9-a598-570b-9359-e7251c545ee3", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ec7d388-8768-556a-a38f-238407fc3b56", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bcf31537-80da-551e-b1f8-cbcc4dde9c64", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64c48c65-1c6e-5d42-add1-f8458fcfc6bc", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.50.v20221201-tuxcare.1" } ] }