{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:65359eb8-cdbc-59a6-8eb2-b1dbb5aeb533", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-jspc-maven-plugin", "version": "9.4.48.v20220622-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:292d5074-606c-5643-9951-506b8f8005b0", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e099e07a-eb24-5fff-a1b9-045bf50bc580", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b11e2ec5-5932-5d4c-a94b-15abf47f7596", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f2e3a17e-cf6a-5938-bcab-c6f3c0c3f493", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e94c7d1-0600-5c26-8990-e4c10607dcd3", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af2abf3f-1b06-5a17-98c1-719f6bd7f8fb", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a246f12b-76ed-5ffb-8aff-6b176525b7f6", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1ca0502c-0f78-5ccf-bd69-da74b8457d3d", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8d482a6e-070b-530c-9116-1a92cf8e6353", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5800988d-ec66-5f53-be38-2c49bde7ae49", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b66e53c0-dabf-551b-abc3-ca7cdd7d22d4", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:74b87021-414d-547d-b1ab-0458dd8fc6e0", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4135f0ec-5a64-58fc-a8f5-486dd6464848", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6fca2c17-2ff8-58f6-8d35-29d4f3dcd629", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:674db44e-e91a-58d1-9c2b-7c37d562f97c", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:79fb238d-8e4f-5c60-a55d-0a3eca874b8d", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:24267d24-c60a-5791-9a55-bf592d47e2f7", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ad8bf4b9-0325-5e87-baab-04a1a6153b66", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0fa9dca7-b066-5706-9ae9-1e22707f3a50", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:93596ce8-808c-5d62-b017-c6c71a43cc44", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c59594fd-ff55-56f9-9f00-28216b0f52a1", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.3" } ] }