{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f3f2c790-5dd6-525d-af32-47b8c2604d18", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-util", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dbc3ae81-2c05-5f5a-965e-7ab09a7cd3eb", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bdcd59d7-6cba-574d-b12b-72ddda04d76c", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:82c69169-ec4d-569d-b711-64c0f2280150", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3613fbef-d0b8-5cf6-aee0-b5c01bc7da9f", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf41ce09-6dfa-5683-a953-525dd7fe58c3", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c9c6b3f-6c79-528b-9042-cf3720fa83d1", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6afb7da6-d32e-51f2-96c7-a8f1550ae585", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4ab0fa2-8884-5738-ba34-e8344186789e", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c8ddefa-5614-52c5-a64f-6552dfeeaa7c", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46b888db-198f-5de4-b358-2034b432dd71", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e37e62b1-333f-5642-883d-cb6e01151883", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71f9ff2c-5954-57d8-97f8-0681e02a2efd", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:728580f1-f8b8-5120-9ff8-64e7b816006f", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d4550173-5127-58f9-a943-1c14a850e855", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db3b052a-d039-50e6-bb02-da8a761e68e5", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ed614e7-b989-5146-84c4-095ea82b75b9", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:89d2091a-0027-5b5c-8dce-906416717731", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c822663c-e471-5c47-bfa9-72a280e15432", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c562c49e-c654-53d5-89df-610cd50fe68d", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e217a750-3c8b-5305-a833-9f318bf7feb1", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d34d8ffe-260a-5a41-a3f4-18f3e315eb48", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-util." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-util@9.4.48.v20220622-tuxcare.2" } ] }