{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5cf9f20e-5295-5c11-b32e-0322ce59cad5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-servlets", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d70779c9-bf4b-5afa-937b-87c29024a921", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c27971b2-eef6-5b1c-9803-f99de2de255e", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed12c6eb-0e94-5661-b0bb-231619c20af2", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c96e9ff-9200-5a14-b2b4-732d3a1b9292", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e2e7979-9c72-5eca-8268-f3268dc5fa0b", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79033c9e-ec2e-54fc-bf60-5c9f06a7bbbd", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16a4a721-a0d1-5c13-904e-bd02b4077834", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d194dd1-791f-5f84-b9a8-44bbb4c423cb", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:412c3dbd-dc82-550f-bdda-326863c4980b", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d41d7b15-9a30-50ad-9b94-ad7ac10bc6ec", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71a730f4-800b-51b3-9077-d825b879d65f", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ca10450-fe4a-5fea-b4c2-0844ce4dcbc5", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b8d6f04-d3c5-5417-a549-d23fa9986d60", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dce7463c-2e17-5ad6-8406-a69057e3ac87", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00179529-0d41-5836-ad44-e2922f9e7f07", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ca2e063-545a-5860-9ccd-f3e94e151778", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a106e26d-41cc-5876-b17d-03525457f48c", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:491af95a-730c-522b-a960-17b958177afd", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2ede2d4-ae5a-56e1-8636-7b04f7e03342", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:785c461e-c9b4-5318-9377-a69e9523948d", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73d754ca-770c-5187-84c3-0984c0f67428", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.2" } ] }