{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:55a35d19-0d71-5a4b-b416-c33b05f0b634", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "javax-websocket-client-impl", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:309ef58a-30bc-5868-9798-2292df43bd45", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:230d9652-abfc-5258-9920-2f972fc47296", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52ad1823-ca33-51d2-b1e1-6814e52e7f3d", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37ec78b7-6c1f-5e36-90f1-c2be120a56c8", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cecbb4b8-7451-5baf-ad35-013acc14f502", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb094200-08c1-5e9c-a68f-0c585385fbc5", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d7c8876-ffec-577e-82eb-221aae2d5349", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:58b27b35-065b-5cf6-9df1-b54e39e7e7ff", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a26a1854-6c7c-5f69-bede-8c8e6bd20a34", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66c55aa1-afee-55e4-b5a6-ac5c778122cd", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c575f1d6-78b4-5f4b-8c89-22b0cc3f12b2", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6df9389-7063-5932-9ae3-cfaeffc16dcf", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a52fa278-4c8b-5dd6-94ae-cedf1cf8b87e", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0981644-2f56-565c-9167-c216b05a1f92", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97af2f07-5318-5120-9030-d43cc6ed5318", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c9c73b6-7f68-5ca1-b67a-ace57fcfaa8c", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd3a0993-4ad2-5726-8fa3-be8799cd2ef1", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ebbeeea-02b4-515a-b402-1cb71ee23670", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec2592f4-f2ca-511e-8319-8b25eaf8b38b", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:72a9677b-55d1-50f5-a4b2-eee9eb1cea60", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57cce58e-1e69-50dd-bb9e-054131af7c14", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:javax-websocket-client-impl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/javax-websocket-client-impl@9.4.48.v20220622-tuxcare.2" } ] }