{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5c3ce8ff-9d72-580f-80a9-69765edae39a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.gcloud", "name": "jetty-gcloud-session-manager", "version": "9.4.58.v20250814-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3ee84ba5-6e4d-5d6a-9c99-c450cc94d4a9", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92981c0d-38f9-527d-856c-dd332ec3e600", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e86f354d-d743-5fc4-ac1b-17e4ecb54101", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff126f04-d236-5ee1-9077-0709dd1d0c17", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:474112c8-2580-5aeb-9d20-f2ddaeeab4b6", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc00c690-934e-5a39-8efb-550263e48ef6", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dfa7aeb5-07bf-5eb4-b397-d08a8716ac6c", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b168407b-40f6-54cf-8835-ea9a7491b35d", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f6bf871-b8cf-59fd-8ced-f2bb87d30e9c", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f5f96dc-a1db-5e57-a54b-c9cd3accb562", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f5fdef4-65a7-5160-95d6-c2af717e2c1d", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59e7fc30-fa22-5fb7-a89a-ad75752537c7", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3b932f6-5988-571b-892a-3094d6af78aa", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbee8117-cdf1-5289-b7da-e5500980595a", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab53f65b-dd83-5be6-a41e-05b69b3df5c5", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ac56ccb-bb83-56c5-be2b-4883b2b24059", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e13a922a-441d-5417-b254-fb6f82aa7c92", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty.gcloud:jetty-gcloud-session-manager." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.gcloud/jetty-gcloud-session-manager@9.4.58.v20250814-tuxcare.1" } ] }