{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c64e0340-a61e-5087-8c7a-ce65fa54c040", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-webapp", "version": "9.4.50.v20221201-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f875f377-a8a1-58dd-b107-a4fbaff80d32", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54401f03-7365-5538-8387-c6fd4ed86791", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8dbfa257-7a80-51b3-9be7-7dc0f6fd1cab", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51a34f42-7ddc-595b-9496-4f39ff0d9d99", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8fb426d0-0428-5f6b-88e4-4f380ca782b5", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f39c8f93-27c1-5f4f-a7a8-099ca73ee8bf", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b60f525-f80c-520d-9559-7ee881eec671", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de69b8f7-6fe1-5ca1-8cfa-54180aaba295", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74aee9e9-e11c-5dbd-a78a-e78a305a1dfc", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:910e8842-7942-50d8-9894-67d187f77397", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be1a1e1b-9ead-537a-98f4-0cabee193521", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00c7ba47-0fd3-5a3a-94e1-7d95d2779522", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2bf290b1-3288-53af-ba4d-5560ce651607", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f3f36ac-4409-5167-a006-8392a80c2f4c", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a532724-2f73-5b97-8515-ae886001dcc3", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f10266b-9659-5af3-9300-6637af32aec3", "id": "CVE-2024-8184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-8184 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0dc34ba-4840-5792-bb11-cb1db9578d20", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c6defa7-4c5d-542b-8f7e-1ff131c596f6", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8b1f0dd-ab56-566f-9a5d-584c0f8ed5a2", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87ef619d-ebf2-57fd-ac4f-5167cca5b25d", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ea52af2-339f-593d-b101-e306ea069ffc", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:187042e6-0ad9-5168-8d65-356d3b3e0503", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f111f62a-2c32-56e3-867f-7fc1516b07be", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.50.v20221201-tuxcare.1" } ] }