{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e45c3bc9-df90-597c-8b36-5b9feacee507", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "infinispan-embedded", "version": "9.4.58.v20250814-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:33754eea-17a1-5820-b65f-bdc51effc7fc", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b9de0d8-d386-5660-b8b1-7d064cb8ac91", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65ff06f4-863b-5a5d-9d72-164eb25e6149", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49382d4f-6ca4-58a4-a289-d4e9a7d2a76f", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4fdc87be-0c2b-56c7-acd1-dbbe1e94e795", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd7df58b-35d1-55b4-81be-376fa8f1f778", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:941ed2c7-6f6e-57de-b68e-2752e9f84c74", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee95ba24-0f52-57a4-b003-696d37fa7f4b", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d9419b28-70ae-538f-b1e3-8235c7018b84", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6b94792-fa35-5b4f-ba17-ab17996742bc", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c79b0d2a-ca54-5193-9e8f-6135b6ce4e7b", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9484e62-3519-55ae-bc83-7a682d17b615", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbd6716e-535a-519e-9a2f-19552226f283", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3fdb839-0a74-5456-8912-2575c0621450", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ab5e053-371b-5e2d-a09c-a851de36c95e", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:601d2018-6940-54fe-89e0-45cb2d8a3f1b", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b9133c1-552b-57c6-ae6e-71550068f76e", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-embedded." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-embedded@9.4.58.v20250814-tuxcare.2" } ] }