{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bfa04ee0-e6d3-50bd-b69b-70937a08cdc2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-spring", "version": "9.4.50.v20221201-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4849e291-a855-55e1-af7b-a6fec2ab9089", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b978c99-cb59-5dcf-806c-447d02db2cfd", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b34c8713-c76f-598c-b329-43b368df04a2", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:288fff10-aa3d-51a7-ac5d-39112ab2c802", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a8e59fb-ee7a-54b2-9684-4b4f2f415a09", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c713d92-c8f5-5f2a-b851-6f8363164c82", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db5d9d96-0583-5b9f-973f-0902efa1a3cd", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16243397-9e4a-5a83-8d91-e825c4bd8659", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:494197cf-1fad-5d7f-8399-0482e1fafa72", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e751fd7c-a981-5316-a312-444237617483", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8683ceb2-aca6-5e87-bff8-803111cfc1a9", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9df6bd6-1d2e-540e-a3db-243f2ce9ba2d", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52b39f67-fe0d-504f-99d6-baef3b6da8ad", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3fca6a24-3b18-5aa5-9217-7afe8b32c91d", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28fa44a4-909b-5623-89d9-a5dae16d99f4", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ba7e530-c505-55ce-bea6-c5a161b3acd9", "id": "CVE-2024-8184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-8184 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:433d4e8d-4572-5f9a-b49a-babada9fb30c", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4aed1fa-653b-55db-a061-0c21546892f4", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d677eb66-5aa7-5338-b9a1-906295a3b85f", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9dd1c0cb-dfa8-5061-8a96-24e169fb0ca5", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7352a5e-535d-5020-81a9-290a9f7344ef", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3b7facd-3d1a-56a3-ac93-7f0b1df03d41", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97fade12-dbd2-51cf-ad58-b69d5227f52a", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-spring." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-spring@9.4.50.v20221201-tuxcare.1" } ] }