{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b6be121d-98f4-5a11-b0cf-a981f0b45f12", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-boot-jsp", "version": "9.4.53.v20231009-tuxcare.5", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:28ce0b99-e105-5bfe-ae17-ca3d92277ce8", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:35da80cf-60e9-506f-8145-7e08c161fd9f", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:385e48d0-0918-5a99-b677-b16cf42ef1c1", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e973d8e8-966b-5afb-9f4a-24bc78a50186", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:905dda2e-46c7-58c7-a352-8fce659a13ef", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4163e228-03cc-5388-81d4-7167091dd571", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:415a2048-f3a6-5650-8278-18628d8ced0b", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:11a7212a-18a2-5da5-990a-4c4f4789c8a8", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c9b52879-e2a5-5fbf-ae55-216fa1b9c5b4", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:adfc0493-1ca7-5a04-a044-7b8ff4f5993d", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e4f790cf-9235-5f40-9004-6023ceb0874f", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f65aeadc-d82b-5f21-9420-52b739780063", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:557ec0bf-8287-5066-8d2b-192adc4d6235", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fba091a7-190a-52e2-a783-efeaf728da8b", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:02836eeb-fa35-5fe5-8d09-0b4f0e512684", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:089366ef-a889-5711-aa8d-45654792c90f", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:397b3d3d-6f05-5e81-80b5-e98a5f16d64d", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8b7eb525-5f91-5440-a0ef-e51ec57a34cb", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bb7873f7-715a-5f3a-a6b7-5bd6d5c61f70", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a82a13a2-f4b3-5501-987c-0bb68568cf6c", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.53.v20231009-tuxcare.5" } ] }