{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b3e2cee2-4754-5ec7-a43b-2bace8c2a2f9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-deploy", "version": "9.4.48.v20220622-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:463d31a8-d99d-5e0e-a765-450039c05b3e", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd23a00e-edaa-55a5-a3c5-d7ad126dcf0d", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2e18055c-db02-523b-98ba-0a81e0a62329", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:42e80939-7755-560a-bd1e-9e0f43f158f5", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4999e68-b6ed-59c4-9db8-5d55345a1434", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32f82caa-559d-5efb-ad40-9b7bc59a9c9c", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:61af6dbe-305f-5d74-8f24-d03e2aba0042", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56ed67f1-effc-5197-9d94-3100164ad7bc", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f1571f7-c578-5689-9768-442ee6a16a31", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:812ceca5-5781-5e6c-8862-665d7d3f8f16", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8c09b53-d493-583c-bc35-a71249e785d9", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a92aac0-ae24-5afc-a4a4-a3c60c3267f3", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:558be7d9-ec1d-5f02-a3ae-8bb769aa6a23", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:725faca5-4bd3-579f-9461-205fef910214", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9e831789-af9d-510a-b8c0-21c2e959e7af", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c8c1613-cc05-5961-8947-f1404b9f1427", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9cd37dfe-2ab3-5ff6-ad72-70be0682f6fa", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:acffa5ca-6acb-53e0-94f0-3e9145a02dad", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5db52715-32c6-5a01-8847-7b5275476cde", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b26c456-52dd-5d5e-8349-51020e313f0b", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b295276f-8827-5f20-bb79-887f14705607", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.3" } ] }