{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d805d291-8893-57f2-91a1-9377e66f0830", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-maven-plugin", "version": "9.4.58.v20250814-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b40382c5-9495-5505-9a7a-7d8cc20c9864", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5eaed2a-38d7-56be-9fee-d8efa4424cc6", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb2b7f9d-d3ad-534f-9975-8324bb2aeb1f", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7aca5778-5cee-520d-99f8-ec110f60cdf0", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1583504-ed5f-5aed-8f7a-9d3acb5f5a2e", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:edcb66a5-fd28-578e-b080-b05d446b2bb7", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a077cd4-7889-5419-bbc5-808ce43235af", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a4edb1a-9332-53b5-8b2a-a459041418e2", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e4584dd-3bc7-591e-aa11-39bdac51a438", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38bb0dcb-00b9-563c-8e0d-177333f98d7d", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:014d6821-55e7-5285-b847-dea5546f7793", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4315fde6-a09b-51f2-9ec7-4b38fcb058d6", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49e0b731-51b5-509f-aa7d-081f03faddc8", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a58adfb-4a0d-5867-887f-4f41a2ab0ccf", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ded029a-cef3-51c3-9328-006323025e4a", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:683cfcb1-c6fc-5a08-8f0e-c63efba44ece", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1bfd055-1079-545c-a652-83c780996f8e", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-maven-plugin@9.4.58.v20250814-tuxcare.2" } ] }