{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5d241b49-3bf3-5679-a2cb-e731a4baa0a8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "infinispan-parent", "version": "9.4.58.v20250814-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a49c6b9c-dfe4-5205-9cf7-67b752cbd8fe", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:637c53c4-c81b-5c4b-b2cf-1b678635a2b8", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:605655a9-4f87-5566-b6fa-d68c9a071818", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dcc62f94-60f5-59d0-a540-20148e606942", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69edea81-6547-58e5-a3d7-69842ffab294", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c1765bf3-9ac0-5330-9907-b13fc58cc717", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc4e5a2c-75c2-51b0-8136-b628d0dd9e03", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a8d0344-e5c4-5d6b-bf20-5cf8e4831cc1", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f51b87c-dbd9-5c70-9b09-79d8357fe552", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:742d91a4-d566-5d5a-a9b6-25934827e676", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a23340be-0ff6-54f0-8bbb-d4cb7b5fcfc6", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e68c04a4-cf96-59ae-942a-8fcc6c76c026", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3215095e-3c8a-5d97-bc91-b37bb40fbd3d", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ff06baa-104d-55ff-8248-7b3d40654a01", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24a965b1-3181-5d7e-aff4-f2eab692036c", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c274348d-e29f-54cb-a16b-262095cd795c", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a325a95-3397-569c-ac2f-5e8bb2172371", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:infinispan-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-parent@9.4.58.v20250814-tuxcare.1" } ] }