{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9ffede9b-2de7-5697-9626-f059e76eedec", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-boot", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:76ad0c74-9d18-54c2-b029-faadff2e1966", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b4cc79b-2fed-5c1b-9a70-67fbbd47bfa0", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b0e58ba-79ce-50a9-8aeb-2efa2ed68338", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17c89af0-b58c-5dda-9396-22f9afc02464", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7b41120-fbf4-5f41-a509-a7b24c8f0443", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b289d78-bb26-5577-9df6-a56cdc61c175", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27ba4e18-03e6-5ef3-a0a2-b4ed5e0daee1", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f68c83f0-fec6-5b31-9fb8-3777c62ce22c", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9316f388-a10e-56b4-bc7f-b951a4fdc05a", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17af2f86-4a98-50d1-8e8b-c49ac29fb490", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31066c15-2696-5a7b-9e34-a609c0c434cb", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:235a786d-e4d6-555a-b39e-42a628026639", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbd35d72-5332-5c20-827e-90f4e0f6ad0a", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f282005e-6c29-52b7-93cc-bb54268bba7f", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df5a76e5-02bc-5a73-aa25-23cecd89083f", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52162708-14ad-5d60-861c-d28fe4818dc6", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:769c9d74-f6a4-5353-afeb-3b86ecdaa98d", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1dbc294-fa95-5798-9562-f0b788fbc423", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:265dcb83-02b4-5e9a-b172-5ba68ccdfa32", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:327f42d6-6c63-5981-b9ce-608ded19e53e", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d37993cb-d21a-52c5-944b-d64085939c98", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.48.v20220622-tuxcare.2" } ] }