{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2e2544cf-9bcb-55d2-ac64-1d7862277c6c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "infinispan-embedded", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:965c013b-095e-56a1-b2ee-1dc5a97a6498", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1ffef9e-e10a-5cd8-85fe-39092575f87a", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d1271b4-4881-53be-bcb6-49bcef911f45", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d9b946ba-e08c-5dfb-b147-bf4075376cce", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da36e682-17b5-5fc0-a133-f970f1ad8e9b", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b09832a9-60d0-5430-8da3-65fad6b582c9", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0451ef33-ed6a-5104-9f64-fd453503003f", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d105719-069c-5d13-8435-9e610277b7ba", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ba6de54-0576-5276-8cf5-2ff491d6cd8b", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dce95ece-781a-5d33-bf50-7d2c61d7da08", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a904b2b-c377-51c5-b5fa-846458acb89d", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:01071f12-3a1a-558e-910a-d2e64f18abb2", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:581f1c50-9833-528e-8a41-30be40ab7de6", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4aa82d6-4664-5caa-956c-6170e396518c", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28a46c7d-2f37-54c7-a9b0-73840b623fd8", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:54e29be3-6b56-5459-85f3-2020367a4985", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7853164-dcbe-5f42-bb17-89523e740323", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5d51eca-fa5c-5514-8d0a-aadc4f36371b", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74e119e8-a06d-5414-9a38-7b16a29b7c13", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f78cc250-98d6-5577-8afa-032e50b55ef5", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c62ac3b-b3e7-5f5a-8c0a-d398bb8a2fcf", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.48.v20220622-tuxcare.2" } ] }