{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:68411522-7077-5280-b525-a6c3c1b7fc57", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-annotations", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e7b8491f-ecbf-53b4-9b3f-2e7e1d4a7ec4", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6fc63e98-52ef-5211-8c54-bead132ec983", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41391f31-7bcf-5d6f-bbe2-d05e019ff005", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e258a72b-8dec-5998-b465-b569beeb1282", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8fe82f85-215c-5613-9c53-2f9900da5198", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5aa4ff54-1795-56d7-bfef-9fadd88bb567", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:991204f8-7801-52a2-b9ff-43d7454791c2", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e64c918-ada1-5258-9430-58e459338644", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:430b1982-ab8b-515b-a227-edf162b866d6", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e01eeed8-cb5c-5dce-82ec-d40d925e78f2", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8c6c57f-a0af-557e-b52b-fdefba256425", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:923b6fb8-32a7-5a65-a700-72e044ad5f62", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b63677f9-9cd3-5b88-b48e-70578ecd478c", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f44dd20b-fcf3-5c15-a891-f3bb0a73b888", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:296323af-a006-50e7-a606-1e2035ea1bf1", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cdfa715d-a032-5443-91cb-2169955e9383", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7895040-fc29-541a-9608-ab36a62593ae", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9026bcd5-a71d-58f7-b002-ab8f5d8106af", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af688ca1-b9f6-57ac-9203-5112ccefbaf8", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d32972ee-4978-51b9-9bf4-b5d2a50a5193", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:405ecdd6-16f1-5b22-bba0-e8ba23348a9a", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.2" } ] }