{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f8dee607-d979-512e-b02a-022d39292185", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-continuation", "version": "9.4.57.v20241219-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4b281f9b-c77b-509d-b867-47ad8d75f9a9", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20aaae09-8a6b-5e79-af19-8ebdbfc1f42b", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:485de6aa-acd0-57a4-8228-4a5babad7041", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b240ff0-fb7b-5002-aa3c-a82adc073d22", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b275f3b1-9dc7-50db-8331-5c7efec4523e", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:157dd41e-61d0-5a11-a53d-d1b49940551a", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20e3d651-9a8e-53b5-9ae2-861e576a57c5", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a38c50e8-394c-5db5-93ae-b81c1286da06", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c47265eb-58ef-5356-8a24-db1e76320f47", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21646b45-b847-5c1b-913d-041b84d20ef6", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec3a2cf3-b80f-50f8-95ef-efca318c9c3b", "id": "CVE-2024-6763", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-6763 does not affect version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation. fix for CVE for this version has been already backported by the original developers, so this brunch is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6c741c0-4def-56db-99bc-f1e7e640f373", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d0dddbf-7b35-5f21-89d0-7643b8c4815e", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3a24464-6f45-5712-80e9-3cbb6263d35d", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f715cad-4827-54e0-b8c9-8d6a02c3ddba", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3d19d4f-831b-530c-ae97-c4757681121d", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:315be382-e06e-537a-b548-454a847f49a2", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d644590e-8a07-53e3-9b61-85ad037c5574", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:jetty-continuation." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-continuation@9.4.57.v20241219-tuxcare.1" } ] }