{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d3eb33cf-a723-55ba-a481-61bbee093fbc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "infinispan-embedded", "version": "9.4.58.v20250814-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:77d7c16c-b79c-5223-b016-abedd5211e1b", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb3d2ecf-7517-5da3-a44a-e5cede28a8a9", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf69f467-3591-52bf-b4b4-aeb3db16749c", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6bd1c8ae-0ac7-53a2-bc60-ee22e19ddefe", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ef0aab3-8018-548e-9fb8-16cdc95a3e42", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2856c2b-50ae-54db-8f59-ea12a53bba13", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:41548b7d-be97-52b2-9c82-699f6f7e2565", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:796cc1b4-7645-5bf9-b58b-77c4653bd50d", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79cc8d4b-185f-5503-895d-46bbfc074b04", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17ce1193-b16e-531d-a14b-9e8e60f64f61", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33df6c48-8fab-5051-9447-71d4da31e132", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33506a90-b700-589d-97d0-7b40040d07c0", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b856952-d3fa-5b60-9ba8-8a79767fd5c9", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4c55dfd-817d-576e-8e9d-27b0415420e1", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2f98f56-4403-5f61-a0e3-6585a0ec074f", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa1535aa-8426-5af0-86ec-e86026d8a044", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eab35422-08e5-5be9-87cd-b6ee3cb9feaf", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.1" } ] }