{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1c645230-4d34-5f1b-8be2-5117ad3c5282", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-security", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a8df29f4-bec5-5434-9358-874acd95fa46", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67c1a532-1072-52d6-ada0-100ffcaf1a27", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b3f4058-39a0-5acd-8b58-d3fd33fed5ac", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8da72aa9-e6e6-56a0-a2e5-f48bfb5bf667", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4df8e82f-cf4c-565a-a390-a720af1ca4f5", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c16f1831-dd1b-50ad-a46c-edf2e97cf5a0", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3fe3600-3974-5c3c-a8a3-0c45726129b8", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c263b45d-5349-59c3-9171-18e70834655d", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be24c4e5-cdc1-5f94-b264-d102193a9042", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ef8a605-a101-5417-8b65-6e93eeb96daf", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39a250fd-b334-5637-806e-d42d73cdb427", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d84ac332-6f80-5b8a-a021-d06909852639", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90a90deb-6f2d-596e-af7d-dd0cbd9d050b", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:516556e2-d89d-545a-8f61-198c81167c37", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d121eab8-e45e-5fb5-992a-4026ae9d6984", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53686904-b047-596e-b02e-7d84c805d17a", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33ca8c96-aa4f-55d7-94fb-023d5fb29a5a", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87d8ba53-a970-5c1c-80ee-63d17bfb41eb", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09c6c226-b944-59b7-bada-e992ef846ef1", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5322daf1-14d6-5fa8-9775-23540ffe8c50", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c364c15f-7f78-5ca8-a116-fe4c7f8e2b5c", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.2" } ] }