{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:26964824-e7b8-500d-b828-96f5a1bf4284", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-javax-client", "version": "10.0.26-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b823cb5b-3aa3-51e6-8301-496a714e4beb", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5671c49c-8b52-5a76-9962-8580536cb9f5", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:278d19a5-2238-5e5d-a06a-64fcfd7f75f8", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9917e03-2f0c-5e59-8234-b1c88925d97e", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a9e819b-2d23-5dc4-aa63-ee6bb7a3b4ab", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ad1e790-46aa-5c93-bae1-180acaa18ca6", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:83bf8ba8-ee00-5fc1-a0c0-e7487549dfc1", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:adde67bf-b1f5-5d2f-9942-a96355c2ea2d", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0f1b2fb-1da0-56ba-8466-9989c1d242f3", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8c3e620-ee2a-558e-84b8-0f7b6a283bc2", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca7c3b32-1318-52f6-974b-9ec6277f0bb4", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2cf75b8f-dbdf-500b-bd25-518f8a7652db", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e124f3db-73d2-5c08-98bd-5ab23f6488ac", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6df4393-ea21-5020-b5e9-dc075dbb732b", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b870a18-e933-5859-9f2b-3a38cc097d84", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37300b86-36a2-5df8-906e-05d62c0601a1", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd217c7f-9baa-53c4-b288-e69ab9632753", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01d6b7c1-9012-5070-a97b-b7293128654e", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-client@10.0.26-tuxcare.1" } ] }