{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c834e49e-e71d-5e0b-a7a7-a7c74ca63025", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-project", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3d4bc096-2710-5c9e-b2ec-71211c3956ae", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98355db9-3a35-5848-87b4-7ade4dfbdf6a", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:217745ae-21cc-5b47-b5c8-5588680e3cd1", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ba58e14-604c-5afa-b453-c4c430b9588a", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9140850e-87c3-5879-b2d0-302f4a3e0038", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dbb26f68-998c-5a2f-b6ff-0f670c1bf719", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f89ab507-3af6-5992-bf74-217d31618f09", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2dd536e-9c73-5428-a5bc-175162861e65", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa7bbfb9-d775-5e43-af07-e36378710d05", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:99cb772f-ce2e-5f02-a324-04dd5e7d6a9b", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c65db9f-1808-5b76-83c2-7179de94965e", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:328bb20d-aaf5-5c26-aa38-af727537e77d", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60cba631-27a4-59fe-a0c8-a4813500d437", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:81cbda87-7127-51df-bccf-8ea5b4f57fd8", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae63d94c-d4d3-5fd7-8e10-423867e12f1f", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c4ffa3d-7a9b-56ef-a52f-dbe5d817a04b", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29e43f57-a294-5347-8fdf-256701261c47", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e2d201cd-57b7-56f7-8b02-b948d5490c8c", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c48a799-3eeb-5db8-9990-1937f8a5d6e0", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64c6da56-80f9-507e-8965-03b3adcbe916", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3890143-d9ba-545e-8a8f-ca3a1aeb1492", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-project@9.4.48.v20220622-tuxcare.2" } ] }