{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1d304bd3-53f1-5ae4-92ae-cc39826d45b2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-plus", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c63dcb63-43b1-5792-8070-96790a01c377", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c4c1af9-db5f-5499-b7b4-1a1d2629ee6f", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:134a0efb-4955-5264-9108-1d911c99becb", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:587e399e-2bb1-531b-bf35-940e4602fd10", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c5d79dc-badf-546e-a284-fc6051edb585", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1caab19b-76ac-5759-b3a3-932200ad6fd2", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d5682fcb-c5c8-55c5-85b7-20eec56e36fa", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80c56cc8-3907-5c2a-a1c4-81859dfa5563", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd03c7a0-3490-5cae-9a91-c725af691a5e", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:03d40f6d-286a-5a3e-aec8-ad0723f19124", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c06f4d73-28ee-5106-a4e3-a196be9f2e7b", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb537415-bb69-58a1-ac85-9cecb7f5583c", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd3f9859-d825-542a-85d1-be62df09ab7b", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:845f8575-f80e-59d4-af84-6863be2a6820", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42480e93-db8d-5780-9b58-17998c8830ef", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a477f80-e4bf-54b3-a76e-00b616fa4132", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc32719d-5dad-5101-b8db-1ef8e6c2ac0b", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f899f2a6-88b0-531e-a541-06c8b1a86f68", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3c556ae-d873-5c24-a84c-e77825ea54db", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f825928b-7f59-58d8-895f-15423289eeef", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c50c0e1-154d-5f98-a96f-5b20c66350c2", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.2" } ] }