{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:607942b8-7d9a-5478-a6ff-101531cd839c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-jaas", "version": "9.4.53.v20231009-tuxcare.4", "purl": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d162a78e-2f2a-5726-ab67-175246c9cc30", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:13d7be9d-8e9b-539f-a343-cdd940b6977d", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6b862095-8c09-5139-8257-86e0c0b67e2c", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2aea8796-5cd8-5ad6-90f2-8ea6a3128f92", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7183ed5f-e876-597f-bbe9-141e77141ccb", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8dd040a1-3965-5666-8bb0-c46cd8d2a240", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0afad618-f5d5-59cd-b661-c6811faa1868", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1f8d3ca2-5760-595d-993e-1074355b84b3", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a4af51cc-ccad-5508-9002-42e12627f7d9", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0718aa59-11fc-52b0-a69e-b4b5b3c2c864", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d053e7c1-a7d9-5e66-86b6-c8fa60b571ce", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:13a91f30-b3bf-5d53-94a9-e3b757274369", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:965922d3-0b91-5ff2-bbff-a94735907bf4", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3d1627f7-c620-520c-a794-d0cc87b5b245", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4d401c01-0a86-5689-9ad3-8a04f9735b40", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2fdf3d80-0e44-583a-99f7-7ef959bb3b02", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a7e3d38-8792-57e7-8680-1cc23f521ece", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:61a13740-57dc-515f-8c0f-714321ae6666", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:34c944ae-c4da-5276-9e7d-998485277035", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a403869-4299-5de0-b500-059f05ac1a8b", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.53.v20231009-tuxcare.4" } ] }