{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:50774416-3f27-57c8-8798-a18399de2632", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.aggregate", "name": "jetty-all", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3c3b5d3b-6335-54e8-9fc0-4dfc65e22cd6", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9bd0dc8-ed41-5204-aa61-003d240f23fb", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:934d2606-e1ca-564e-b7f6-4a85e4ad1eeb", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8eea2b6c-1d39-5654-8b4d-903febb324a3", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d4468372-6c9c-5fec-8a5a-837fad183c72", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5aafbfe2-4a68-5bcd-a297-f668a8f3b0ec", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2deefa5b-74b0-56f2-be32-35c822c879ee", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63a60835-e7be-5d98-b548-4db0980e2fc2", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51a7dd22-4bf4-56b7-896e-aaaf31e6732e", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d51c8602-e1b6-5368-bbeb-26231870de47", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dbe653ef-d40c-5d77-ab03-ac37e26c0e0a", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:937f42c4-10e7-5b41-b0ef-70984a5c1c64", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93094a19-b2b4-50d4-8bbd-a47e9200c188", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2aed985-e1cc-5c06-8acb-8a3337d4dbac", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d21df65f-b882-53a6-a10e-308c015c28aa", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13c8439c-e31f-57b2-8afa-4712837e5199", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48d5b60b-d610-560f-99c9-5cfe8eca5566", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f46a3140-712c-5b46-a313-c952abca0764", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:922a8c19-c76f-5bfa-af05-628debf3b200", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c286ddd-9051-5228-8e52-1c17d0291a38", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:922443f2-dda1-59dd-aaef-8ded129c9044", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.2" } ] }