{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b06f79c6-7765-5419-9d73-0e63c267d8ef", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-jetty-api", "version": "10.0.26-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5eb3002d-78a4-5c5b-b090-3fefa5ffcbef", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cefcb9d1-9a72-54b8-a96b-1c0b867c45a0", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2515811a-c090-50c5-ae9f-e5aa57c50012", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ada4c23-4d09-5844-8e45-c9a67e116964", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d30ecd1e-b11c-5876-8a42-0aa656f5a506", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b88c92d5-d950-5920-8dba-36458c1c6623", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da0a451c-51b8-523f-b098-5e24565066b6", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6434e60c-347e-50e3-b48e-f85708a9bc27", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:918023aa-f476-58fb-b4d9-0e1876682bd7", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c42a54f-2a05-59a1-b760-c535cde70e34", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f641e734-b447-52f8-98d1-644bfcae66cf", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3eb89ca3-bb44-5f87-8b0d-ed6f38949d8b", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:57d2945d-3fe3-53be-9bf1-56115893d864", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:43f91d93-19a2-5178-9973-df06191428e2", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:230362df-2629-5519-bbf5-61777f17ad4f", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aac60adf-7328-59f4-8465-a9b4414a6cf6", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a4cf5e8a-2a9d-52ac-bad2-b7cadad5471e", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb76fc61-7d47-562a-a96d-464024b3aa7c", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.websocket:websocket-jetty-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-api@10.0.26-tuxcare.1" } ] }