{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:37cf0894-7d2f-5c6e-abe4-fce25307e553", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-bom", "version": "9.4.48.v20220622-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d6ec38d2-8335-5dc1-91a4-e6009a69fa00", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4fd10872-dd2b-54ef-9f4f-0c03bb63711b", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3c82fb78-1fb5-58d3-8d2d-8f1e4146ed8a", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:60325082-922d-5eed-8523-3e225d139465", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:61fea529-d3bd-5827-b401-0df70b84d5d3", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c613decd-7b94-5b37-9c94-3ddaa39de1de", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6edba2dd-dcdd-5203-9517-20d5d86ebe06", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c8335e6-9f30-5894-a9f7-39375cfc8ceb", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:46c9ca52-9c88-5152-96a7-eadb5ae6a11f", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aa8aaa43-f245-5831-8567-6fdeb7fe6f41", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10144b64-9b20-5aa7-820c-dbaaec82585c", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b72467b3-34a5-5650-a07f-259735190715", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e53262e6-00d4-5fbc-9825-a50b83e06637", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:791c22d5-5d26-521c-bd87-43a69a581a52", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:87ca9ab7-f305-5368-bc34-aff4332add7b", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:034e1c12-9bc5-590f-82c1-fc8860c912d2", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:de42e7ca-4efe-5c5d-9214-e955d127ac06", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a6f100d1-94eb-58fa-ba91-09a3a44c354a", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a5710c65-b723-5a21-809f-73367b6b5d28", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75395b8c-b812-5432-97a3-f2c13716ad72", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:71b2ce00-34d4-5af8-b347-4e3fd37d726a", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-bom." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-bom@9.4.48.v20220622-tuxcare.3" } ] }