{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b79cce90-7d6c-5264-b602-b1ce92042c5d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-javax-server", "version": "10.0.26-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:16dda944-66e0-50e4-a4aa-18032bccaaac", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee31d9b9-f0ac-5fb1-b2ed-fe364eff742c", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b583a5a-777f-5355-a30d-6404c536076d", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee5eb39b-5568-5d36-bd18-f218393ba90f", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc590afa-64b7-5fb0-8ec8-f87b1c2c6a63", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:40787712-0d7f-5b5c-8e6e-bbebdb8fdaef", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3446ebb1-b205-541c-b74b-f38b020a1aab", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed29d281-f66b-5c4c-bd26-22a93748c7d1", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ed80fa3-25c6-56f8-81a1-35ed54c6743f", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a053bd60-a0d5-5937-aaa4-7fc2a58835ee", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:273d5dcc-ce9e-54fb-bb7e-648eb893a56c", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ee2a78d-4b21-53d4-a849-2904b2939b1f", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe067100-5242-5a03-ab43-420f95ec7da2", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e23a93db-13b7-5636-8b5e-03f7a53be390", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c304323-4d9e-5861-902b-e65f639bffd2", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a21559e-076e-5175-b2c4-c0b1acb31d5f", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d741fb69-37ff-5179-85f0-6e301a4f5c8d", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bee5c0f0-e506-5a73-b680-0b384896e1ab", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-javax-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-javax-server@10.0.26-tuxcare.1" } ] }