{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bd652ef6-008d-58b3-a12f-6ecae5af5011", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-servlets", "version": "9.4.48.v20220622-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:35d1079b-1d6b-5df3-8887-224749b10f59", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5dfbd78c-be4a-54a4-80e7-044abcbec266", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d693ecda-dd9f-57f2-8bd4-17459026076f", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78c54616-7cdc-528a-a601-74592780c034", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7434ef57-cca6-58c6-a5f1-b9b63da35794", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b837701-3af7-5430-ab31-8e389176e201", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4047a414-8c1d-510c-91cb-e678558f0e9f", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3c5a127c-8c7f-5f05-908b-394b487adca7", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:05a98ca5-2d2a-5ff5-a71e-afd7afd70f9f", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e26e9e74-6495-5da5-9b6a-acac40eb149f", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7cf0ce67-91de-5ec2-9e3d-9c404dc5dea1", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ae18088-8148-5f4d-bd83-92dd3929bf23", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1d7d322-a95d-5966-8ecf-1e4443f2a8d6", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d9e2b5ef-dab1-545f-b686-7b9739cb470f", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:28eabfef-532f-53c4-84fa-3e2d9323bff4", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1454da67-e0bc-5df9-b4e4-c8e50724e4f1", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:60bd4a6b-4f2e-570f-8608-1668861bc024", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fcdea386-dad5-5911-86a9-427d92988ce1", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:64c47be6-9319-5b68-9a0c-2b68746b277c", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:022479fa-50ab-56ac-81a5-4db40d279f35", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d54d073f-2c55-54b6-98af-99caef629c76", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-servlets." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-servlets@9.4.48.v20220622-tuxcare.3" } ] }