{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:29c355b7-24d7-53f2-af32-31ee1ea70ab0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-cdi", "version": "9.4.48.v20220622-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ce173751-86be-5ff4-9bd1-851a184ed8ef", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e9e2383c-52d2-58d8-9d45-cc00dcf57475", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:854f4a85-e762-51fb-bd18-9cbddfa9062a", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c62063c-5356-530e-b58c-d571ac598029", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32a2953f-847c-534d-bbb1-61f5bd43ce11", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:33f4ace3-c446-5be1-b78e-298615dd7332", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5c355957-e5e7-5e26-9b02-04bcf66948c9", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f9407c98-de75-59a3-a61a-fab8de144fd0", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:26091840-a053-5a44-9a5f-43c870b43a3b", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f158027-a2cb-53ff-98aa-9b6000056f0c", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:808ead0c-3017-5318-87e1-da7aef4b871a", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20362b14-155a-516b-9e8b-2686bbc930f1", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:290942ba-d56f-506b-b0b2-0a9b84b1e873", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:87a32973-88b2-52e8-b2d3-e9c8c9393a9e", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:23588d0e-3d16-5bc4-ac4f-eb36aa8d6fe9", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ec08160-47d0-5d97-ace8-6e3728d56408", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d8746187-cf4a-5213-9692-4be652c08957", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b447c9c1-a7ed-559d-a54d-9231f5c3372b", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb25112e-3e42-5993-92cc-208d531aeeab", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ddc5541-8bfb-5662-87f2-0a4b879f8f77", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ec0202be-cefd-5cf6-878e-e5c830516053", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-cdi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-cdi@9.4.48.v20220622-tuxcare.3" } ] }