{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:511d6eb1-b7b0-55cd-91fd-c4639798ad33", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-jndi", "version": "9.4.50.v20221201-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6421b90c-1d0b-53ec-9dec-47011513c2fd", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c44daa93-1cf2-5408-94bf-cc1d886e95ff", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5158b3e-1e47-5958-b520-be94dfd0363b", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ceffa259-11b7-562a-9be0-cb803a6f11aa", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b43a8296-a2e1-5040-80f7-437be95ea118", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04bf9471-ebdf-5dfe-a420-cebf4f431cb2", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67769912-c58f-5672-a95e-fd71cef9524c", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6085c27a-667a-5e29-80e0-37e19dfb9751", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c92bcf0-0f34-5e5f-99e3-fbe4efadb3de", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:07ac6350-dcc0-59ad-b0b3-b47a38ea829c", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50b5f1db-d57a-5129-bf03-3403ca91b8b1", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:012fec09-f984-5255-b403-be71ce486c12", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59152feb-0192-5b9f-9fa6-a15ba5301343", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d447ca5c-70f7-5035-93b1-6dbae97af39d", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:054e29ad-ce5e-5b65-be48-d39fb99f9f17", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bae9df71-0049-5e7b-81a4-708a9c60ee3e", "id": "CVE-2024-8184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-8184 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe3503e4-5d53-5acf-9ffd-668c4937a54c", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed1ee116-c2d3-5659-8ee8-cab7e91b7d27", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6dd1347e-8034-5b31-97c6-685ea866e114", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f45cad62-8796-5a3d-9882-b347b9e4a906", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:655b284e-0410-50ef-9600-19ce6ad82e95", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:357188ae-9c29-59e9-913c-9826ba856054", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:396b296e-5db0-50a8-a9a9-f0fa861730fc", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jndi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jndi@9.4.50.v20221201-tuxcare.1" } ] }