{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5160bde0-05a4-52b3-b808-3d9c4d51cdae", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-jspc-maven-plugin", "version": "9.4.53.v20231009-tuxcare.5", "purl": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:42eb1876-7721-5a51-b7a6-a09d51ef770f", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a3cc3190-8a52-51bc-a66f-cc7d5d89b4d1", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:477f3c24-e7df-5542-a89b-b4aab42430ef", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eb509374-459f-5025-afd0-3c187ec198e0", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2c7c6ac5-70fb-5bd4-899a-0ae6751dcc56", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f2434234-548f-5e74-8b62-af1a8b07a8d9", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bf909e5d-ecfc-59b2-885a-232eb40f44cd", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:201781d9-0dd0-5856-b312-852b30b6f057", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fc3c54e6-e2ea-5ca9-b6cf-eb59ded232de", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:96ab7ee6-c054-5eea-a92f-c30b6de21eae", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fb5ba3cb-f26b-5c9a-b0a0-2adb2e79c97a", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:18b45697-18f1-5b98-8df7-abf6af0de139", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b4d57f2b-e7ab-5b0b-98e4-521be5b2132a", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5a7901de-fbcc-582c-92f9-267f836844cf", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:25c1c56a-7302-5462-b99e-bfd5909a4a95", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3d57f160-d024-5226-9413-e3562b58cc86", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:804db2c9-d661-53bc-af09-8f3cfdbf093e", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b05a5ee3-0caf-5274-94d2-fe50d0121ce3", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:94fa961c-8e0c-5b2d-ba41-af0b4a48f991", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4f633895-3715-5579-8558-e000fbb95d3e", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.53.v20231009-tuxcare.5" } ] }