{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:831c47c2-056b-5d78-828c-10cdfa46a39f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-core-server", "version": "10.0.26-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c1af61b4-03d9-5e52-a508-1e295b52daa5", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0078329b-ba23-5f1c-afd9-69e21ca3cc67", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80f19e84-1bfa-583c-852d-3b47068ced5f", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a16dde2-30a5-5685-bd4f-f4219ca127f3", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c4ac935-939d-5a13-8272-2e2320ba3396", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d9636409-0e25-5b59-96f0-6e79c38d0a1f", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a4e0c126-9ad0-545f-abfc-a178d9bfe508", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98495b67-6135-5cd8-9eda-234910c0c542", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11cce6b9-fbb9-5395-8770-b903466aab82", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:776f1c3e-69c6-5be9-afb9-2b9801bd088a", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aedda9e7-c61a-56a4-8be6-5297d3bdbf5c", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:377bf1df-5221-5bbf-b1f4-09b014894443", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cb06ac5-64e9-5a9b-bd9d-c8c1850834fe", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4658bb29-b351-5d9f-b626-69d9139bfd07", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27f8dd36-e133-53db-b464-0abf5adae0df", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc8a9950-adbc-502c-b80c-0bc826c7f98b", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b98c663a-3e1c-5084-960f-190048b770da", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80db3554-4d71-58b0-8e9a-985ed9b97783", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-core-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@10.0.26-tuxcare.1" } ] }