{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bdaf25f9-5b20-53e4-8036-c57080c04e29", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-cdi", "version": "9.4.53.v20231009-tuxcare.5", "purl": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0e76d01a-29b0-523b-9427-f9afb2213b79", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:54feac44-1db2-52e8-920d-6b373e88154c", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fd28ddb4-3922-57b5-89d3-edeed4254522", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:20e6a2ce-1cf0-522a-8b81-ef6020e5d044", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c2785e7d-36e3-5cad-a630-1f7df0750aea", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9efecdae-57c2-587e-a6fe-2c67313b3be9", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1e699658-ba3f-5159-8104-0f58fc1828b0", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:387945c2-7435-5f27-8bb1-d767db6784d0", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:336d907f-0edd-52d2-921a-ecd6ca6813bf", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5313cb25-0159-5c1c-a7a4-535aae03c4ed", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bc212c65-4451-53e1-bbc5-c2c2233ac2aa", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d5f6c1c0-30ee-544a-b5cd-45f11a87c977", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d66cfcbc-023c-56db-a234-03a82391ff59", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ee786b95-47e4-5cac-98a3-9d443cbeb14d", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:14142447-6607-5ad0-9151-16c3dbfce323", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:03a27be9-2843-5023-aa43-367b7a8ac708", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d00129ac-dd75-574b-aef1-9c154ae506e5", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:30b0ae94-a3da-556f-8807-a5e1ea3c93d5", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1522456e-eb0e-5ee8-8866-ca23043a0cfb", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ddf187cb-85bc-5d58-8e31-b043d5553cdd", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.53.v20231009-tuxcare.5" } ] }