{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0585ccf8-3e0e-5246-b492-ed713f3aa4ec", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-project", "version": "9.4.48.v20220622-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c1afa79b-faa2-5f2b-b8a6-42cd60795193", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:396add3f-f826-5ed0-ac3f-0239c859c1d1", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2be9a33d-86d7-51f0-b295-0ed7041d6e6b", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:40452b53-19a5-5203-84cc-7a5ef38d023c", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8d667fe7-5db0-5041-b375-653a22fe84ec", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ed91eb91-6606-5e63-9b81-7244226e0646", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:87da4cfe-25d2-5bff-a2e7-581e455d0ad2", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a3b78ee-c8ce-5da8-902b-8d2dc564a44e", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31b492c3-3eda-5520-9ae4-83547b756c6c", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b39e1ca6-3472-5337-9e55-025f1f92e500", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:da3d176e-9ca9-5e70-a7e1-fe3df4a96d33", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7c155f10-8619-5835-aa83-e6f467869499", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88d1d434-ef02-5575-95d7-d97f00e1f3e9", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:35b1b8e8-6e04-5a52-9b29-b8e4649cbe81", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:22dca13f-c5a9-59c9-9905-2e60dfd54982", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3bd47bd-3ca5-57e5-8207-c37a9912bcaf", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f4f3f6a-eabe-5a3d-be3e-e1a201423033", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:79ae77b0-c35d-591f-adf8-80b516ee083f", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:15194c9a-9f7b-5375-aa6a-69066cd8bc62", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dbdb9bba-11bb-5566-8c26-8d2bd3d68139", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a3b92e6b-13ce-57af-810d-40e26bf4da86", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.48.v20220622-tuxcare.3" } ] }