{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:12bcddc3-14d5-53ff-8d73-3a106ad44f0f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-plus", "version": "9.4.48.v20220622-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:087a35d4-eb3f-5944-8e6b-eebba871c251", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7a083067-cc7c-5af2-9f16-c13c9c5aba11", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f16ed35-fbf7-5d1e-8df9-fc52067bfefd", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a257e71-1688-53ca-9050-96a81a05a2b5", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5c912afa-62b5-5fd8-8f93-a25ed4e88993", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18dae876-3901-5807-875a-08dbdf0300ce", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4179d18f-d762-5dfa-8dad-bea5c3823eff", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:40966ae0-6aff-5f81-a9aa-65e9c5a00347", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:159e8450-e713-5661-a75f-943f54f8e21c", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0ce95565-968c-5bc8-95d4-cbea8423fb68", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2e86c2ee-9812-5da7-97a9-8c954c3af340", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0891a2d4-68cb-574b-8ab3-32088cbcc74e", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56753a0f-b6c6-5920-9a76-bb149b237497", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8962ecfc-ed66-5025-902c-74d83bf1641e", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29388574-6f6b-5dd2-a7f6-7e8cda3f9b01", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c815d62-0994-51d8-925a-9a4d061dc78c", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d886276-dd9b-57ba-9fc4-82bda95fb1d5", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d23cbeec-9f22-5690-8257-1c143348a9b4", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff3cd80c-f0a9-5cba-958a-994bca1dc4bc", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6465902c-ffed-5313-8c5a-78e47f3b08b8", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5af54399-d71a-5b33-949e-81b99a9769a4", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.3" } ] }