{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2774520c-d7c0-51cc-a627-39fd9f2e2d97", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-jspc-maven-plugin", "version": "9.4.50.v20221201-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4fb36037-2b24-588b-a270-99f8725cda87", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e64dd59-5043-5596-a74d-d79f3520b8ae", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:884e62b8-86e5-57a0-b43f-3e6a40363a42", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56e04437-0df9-5b13-b616-0eadc12399e6", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fd4aedb-304d-54ad-8ce4-474ab3f17be2", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3775ae4c-751d-553d-9805-d8b5b971d778", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4741bd1f-7887-5b71-a331-9ace7166ae44", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65c86d17-2812-58d9-9195-49793b5461ea", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ddbd0d5-71a3-5e8d-a266-7754d4f30a9f", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c97162b8-fdb6-589d-a21b-3db434e1d8c7", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:093babe2-3ab0-5686-9d83-b3d86c231077", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b46a739b-56c0-5952-8352-e4c58e42e2f3", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d2e6dcd-bdab-5408-975c-f0eb2e048f29", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0ee8f2a-32bf-570d-bdc9-63a3e10a3100", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f577dfe9-6bf3-5ea2-8bfb-b71203b1f176", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9fc87b55-cf13-5ea8-9dea-6b22e68a6248", "id": "CVE-2024-8184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-8184 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:192ba09b-5b86-579a-875a-0c6c6584ad73", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5d0f615-7af1-52ef-a88e-fd9a777be9d0", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4e97c08d-8575-5d1d-aa18-5632c896d21e", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e78dfa34-cb98-5eb1-a8cf-071cd7b92eb0", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5849a033-fa42-5411-b4b2-ec7f99022d45", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e646113b-4dfd-5261-ba9b-abd71b5786a2", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bde01a4c-1b16-5d1d-9b20-9d6cf6f5bf9d", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.50.v20221201-tuxcare.1" } ] }