{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:24c91bbe-aa49-5531-8f8a-aa925e3f09e0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5", "type": "library", "group": "org.eclipse.jetty", "name": "infinispan-embedded", "version": "9.4.53.v20231009-tuxcare.5", "purl": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3964be15-bce8-5d09-9cd5-1c8e414f59f4", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df80d657-d99b-5d50-a44f-bf320dd15456", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5cb2e016-b56c-55b2-9cf2-ef3bb16e3332", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7b406663-6a9e-5e01-924f-b0ecd8dafbaa", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:04da1d94-48a8-520c-8fd7-dee390273ceb", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:054b1a23-55b9-50e3-9d10-c0623dcc2902", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a7c00f80-c9e4-511f-a093-dc331c9772d3", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:97d0c2e2-7330-5460-b87e-4d57b433c309", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d7954ca7-a93d-566a-8a4d-0265652f9525", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a9153754-99f3-56e9-a5f4-136ba150e000", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:196887e9-bab9-5bfd-b2c4-8d854661d083", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:65adec2d-2e8e-5a03-843d-f51f4c454772", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:66512bba-e0f7-59ec-814b-28e25dc6565a", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:95c190ed-fd96-5339-afd1-33be07732ca5", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0e75f79b-ae8f-511e-9fc6-2e070a14fc47", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5970eb95-52e8-5803-a64c-358ddeb6706d", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3af7590d-3239-5d11-a579-f951f4ef0607", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:512bb58a-4d19-5d34-b7c0-48b532e637e6", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:932b8628-6651-5e5f-abff-74649baf9ffe", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:35080889-0562-5aa5-8f87-337ecdc492e1", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.53.v20231009-tuxcare.5" } ] }