{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d165b141-db4f-56d6-9142-94e5c08d1c2a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-jaas", "version": "9.4.48.v20220622-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b0849c87-848f-51d5-88af-30928b7d94bb", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d3f4bbd0-ebdb-58d0-863e-9928d4b8a9e9", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:28f059fe-fa61-5343-8399-8b652bdce0f9", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ae69b5b9-6fd3-5bd4-9b05-3689c6a74535", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:23c18de2-7f27-5ef9-b259-425f54170dff", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1ae9886b-4e93-5271-8ed9-9c64b563e6f0", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b969cc2e-b47d-5de1-8c13-ed66704a6a2d", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:55292919-9696-5e77-921d-82a9a3b657c8", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0ef31558-eaf5-58ac-a895-7fa892bc2543", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b453672c-dbe3-5af3-ad64-f8532d0600ab", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9bd998dd-355e-5a31-b65f-70a4a38075e6", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:28908e23-d65b-5457-aba7-cd8fd30e817f", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5868c4d7-daae-5b5d-b8ec-1d1f9a5b70fe", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d63ddc1a-b1ba-55cd-b3f3-5dc044141873", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c0e16e6d-7fab-503d-80a3-9d32cebcb2a8", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4aa0da51-7e81-55ed-96bf-059752a6d7fb", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:752b9264-449c-5eb9-8c4a-96d170db889f", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:45974c27-9024-5e46-9b78-4b62eac8c66e", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ca402df-8211-5141-8b78-85aa4cc59894", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eac03699-7824-5d47-aaa6-ab3b30ba3524", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:beb8a509-2d3b-572c-945e-2e4c57fa0913", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jaas." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaas@9.4.48.v20220622-tuxcare.3" } ] }