{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:898590f4-d3a5-5e7b-b4c4-3da914cffd48", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "infinispan-common", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6531efe9-9f6d-5119-87d7-34dbd6bd52f7", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6bf2f7c-3b57-5258-affd-5207fe8fef17", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24eb1404-aa8c-53c1-a9d6-c6acc70f1872", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac2449eb-a150-5c6d-9729-d9c2efb82c9d", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65705929-b9d1-565f-95e8-c0d52bb96320", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:657f3321-285b-512c-904a-9f8e495517c3", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:988c75d4-dcf9-569b-a560-bc1c796488eb", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0a15490-5862-5bca-a717-3b49d11df33a", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9290649b-980e-5745-a541-4d3ab40f34f4", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:429012b5-29f9-5d53-8a85-4886a3c45ad3", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14463e30-8e60-5fc4-83ec-8facb2d8a720", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec545ee6-7e65-57fb-9b17-99257695e213", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a8c517a-40a1-55ee-8a65-da132a874e45", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42ac920b-266f-54c7-be60-02695a055f4f", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:caa5f3f7-bdd9-555e-b234-d4cfba2906fc", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:989f005a-7a1e-5720-b53b-dcfee729ef22", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b0ce0c5-135f-563b-b286-f5971fd3f014", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe73ca5c-729d-580e-be82-0f62ed320575", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22a282d9-863e-5a71-bc37-a830c86c0277", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e2911b5-536c-5b41-8067-236d336043fd", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15eae320-35a9-53b7-bce2-d73a5a30b65c", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.48.v20220622-tuxcare.2" } ] }