{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:38c0070a-6fa9-5d6a-be3f-c74a90d6797d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-parent", "version": "9.4.50.v20221201-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2d190245-ae34-5a09-9e0a-210d8c1953cc", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45ab1588-afc6-505e-83ab-cfa3d722dbcf", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8ec73ab-e3db-5793-b482-5039a6a840b9", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8fbe9dde-68c0-5b26-83f1-448172b9f935", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a621f0f0-f10e-5ad0-bab7-97b98111e43b", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8760412e-5cad-56f6-9828-71f6dd2a10bb", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e1645e6-c8e8-50d6-8ada-09d0e70307b6", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5615d2ec-eef8-57d5-b2ed-0a56f854ed3a", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef2fa20e-d562-5763-87d5-af066d9cd13e", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8785f0b5-788e-52e1-85c6-4fdc6b40109e", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e06c916f-a358-5f52-b555-a6155174ca85", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a4aa839-bd09-5dbf-aee8-c00a3bfd4433", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac096863-d630-58cd-871e-f825575f7e78", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c27c9e3d-643f-565a-810d-84dbbdf32765", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d9fc5b3-b9ee-50ea-9ffb-fef5184f75fd", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7cb210b2-0281-5764-911a-b8dca2c27d7f", "id": "CVE-2024-8184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-8184 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd44bcca-ef49-578b-a054-d38659c9358f", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee13acdb-276f-58ba-8d4d-225782cd07dc", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8842602-e734-5936-b80e-7868d182693d", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf8ca670-af53-5cc7-adc2-4b6457b54eb0", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d905fd35-9893-5056-b7e9-982b3baf6e1e", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb0da57b-b273-5536-ba01-8213ee785fb4", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6a4b9e9-e18f-5dd4-824d-7f4256e83a2a", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.50.v20221201-tuxcare.1" } ] }