{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ce6d8e54-0f14-56cd-b219-de8d3c7be330", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-server", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8acad1cf-d458-57d2-a250-48eaf7769147", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98b97aa9-6c4b-5fe6-a356-5a5cc2aeec2a", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8341b631-0ca7-53db-a950-e981fc7e6c3d", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4e7aa15-4a75-505d-be15-9ccaa155889c", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:58f7f158-da91-505d-a126-462d19f2e862", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:324a7f60-a7f8-5460-b0eb-291787a2ae47", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a46ea3a-a41f-5468-8a3b-f63d30254485", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b675ace-b73e-5e71-8414-0e0300612c35", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13a64ab6-3d56-5ae2-aa82-b8b303061de5", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b847d795-f2e5-573c-951a-539b98842be1", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b7799c7-1f24-59e1-abe8-acf285b744f1", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b45de1d-c0af-54cd-ba59-11a1ad02c2e7", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f42a4ca3-3cc4-5e02-8ce3-00890a235aad", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:268b2a18-b7d3-57ec-87da-8cb2b68f57e7", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4053876-e17e-556c-9cb3-4c121028b8de", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3645d98b-644d-5c84-993c-f8e1f4b090d9", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76c3c919-f557-521b-8a35-9c0a3a333a5f", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45249ce5-bddb-5972-bed9-5ee08ff9e7ac", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b51ae677-d38b-50b5-a8c3-971d3a315f60", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07753714-0f7d-5441-8756-a84b7f31cd31", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6beba439-949f-51e0-b1a7-f2ea2ff2c168", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.2" } ] }