{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4b115abb-5ac1-5fe2-a2d4-29e48c1bcae8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-start", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cc63c990-b55b-55dc-a027-73625d4a62cd", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64f4d643-3725-5e4b-9d72-ad04f07f7bfb", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1cd7d03e-b1e9-527d-a391-9072e5acdd2b", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a3a4f36-a9ac-593e-b8dc-2581d26a7687", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:106b2ad2-b4cf-57a3-8643-cb0046778cd2", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e437554d-98c7-5bd2-9d16-52b49e591d66", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66c03dd4-45b5-58e1-a99e-9ae842931f1a", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66a0f164-4d81-5bc2-bd01-ed78705745a7", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c73d044-a02a-5bbd-a890-6fd832542476", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9426fbb9-7b0f-5ba1-9c58-1df1a600a2b3", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:19abd213-31c8-55c9-bd3e-325af0e36d3a", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f78f9872-0540-5798-90de-f53a516c8d72", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67734ff8-4769-5038-92f4-2c98b723dcdd", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42359186-c0a9-5184-8179-8fb5f16791e7", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f58cb4bd-bbdc-50c6-86d5-58d13f8086e8", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e98ff15-5f92-5cd4-b84d-3335b4889322", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5dcca581-f5d3-5d4b-bb32-1b02f31639c8", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d51a7787-3ae5-5ea5-b416-ecc4b394ef5a", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8123b537-5985-5f1c-a3cf-8d1c00d64631", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d935fa09-949b-5218-9703-eb49acf5c4a0", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:68833627-7cf2-5f27-87eb-a96cc05159dd", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-start." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-start@9.4.48.v20220622-tuxcare.2" } ] }