{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fd3e5540-b2cd-5b9d-98e1-8d5c24e778d7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "infinispan-embedded-query", "version": "9.4.57.v20241219-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5e81233e-a542-5270-9c88-ad5992f14e2c", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d01d0a11-a15f-5a22-8550-951c8862ddb1", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19f4235d-d7df-50d8-b716-425db0d345b5", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b8f44d62-ef6c-5771-a0e2-e64f012492a9", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60ef0a9d-3da0-5cc3-b453-20e826b81003", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:686057f6-0bdc-560b-b802-7947f4f26d4c", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:746822a1-4b59-5545-a769-63076c8cce12", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:40ba8c1b-b93b-58a3-b800-32da98ed9135", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95930cd5-1e98-5749-a1ae-74db3b9f5129", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:310d3a51-0842-5979-b26b-4221e89cd60c", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84fc41f3-dad9-5dee-a389-631cbdfe25e2", "id": "CVE-2024-6763", "analysis": { "state": "not_affected", "detail": "Vulnerability CVE-2024-6763 does not affect version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query. fix for CVE for this version has been already backported by the original developers, so this brunch is not vulnerable" }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef9dff64-3bf2-58e5-829e-3983efdf6d3d", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c173a699-407e-581f-9585-d083128f2288", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5611311c-ad03-5781-9b8d-7d5ad4aa5be1", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5ac780e-d9ce-55d3-bed1-a0789cf5b82f", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc13bb76-99d3-5f53-9fbb-8b72f69fd75f", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:752d7f56-dbe8-5e5a-bd0d-6415f85d3139", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6634226e-cd84-543a-8979-afef1d1d786d", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.57.v20241219-tuxcare.1 of org.eclipse.jetty:infinispan-embedded-query." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded-query@9.4.57.v20241219-tuxcare.1" } ] }