{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:be321c5c-ec1d-5bc4-b17e-3e16c9fb4484", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-http-spi", "version": "9.4.50.v20221201-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4cdecc16-1257-5cc3-8612-fe5733199f68", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d9236563-5acc-543e-b90a-a581af8cca35", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6fde973e-e310-594f-9105-952005f623c8", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6f4614f-3029-5ad8-b2c5-2ac449382284", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab8d24a5-9cd4-546c-aa0d-fb4f701b6c88", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2641631a-8ff9-5608-b99c-bb76bf9a57df", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b6f6eaf-d270-5164-ab28-8dd0a0cd4273", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce9658f5-4615-5bc1-96ea-734d353723f9", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b763b3a7-fc08-5b21-a6d5-a069e039f4b6", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef76ad05-57d0-507c-aa39-599fb87b2a8d", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7d4103f-df9c-5ecc-8202-0c2e11c087dd", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da8cc0cc-18fb-5208-be10-13139a7801ce", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:613f2d0b-a657-5cf4-bd00-d53829a8eea0", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bff4b154-2f2d-5fdb-a242-d79dbc8d4348", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58977c19-fdf3-51d0-af4c-e68df23e2861", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b9c9d1e-3fea-5911-bf28-e8f382f92bc1", "id": "CVE-2024-8184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-8184 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:272988a2-f4dc-51ab-ab27-ac21a6716526", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff9e731f-3280-515d-bd1b-749437040dfd", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5b38625-cd12-5838-80e9-fc36379d0480", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84ab496a-8f02-5295-b6e2-90d82eb7af2c", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7665a93c-a9fc-57d5-8903-93bdab9d659f", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8cefaf0b-8b95-5ca1-a25f-27c04cac1c1f", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e30e9d51-f66f-5f44-b456-e4a13388f769", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.50.v20221201-tuxcare.1" } ] }