{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0774f960-fd16-5023-bc03-eca9fd5501e5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-api", "version": "9.4.48.v20220622-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:43b6fdc3-07c5-56af-9931-a1efa769e97f", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ae58427e-2064-5523-99d1-1dd21934319d", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f6656493-c71a-5f83-902f-2ce39ca6def1", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db628f8b-67fd-521c-8238-da5ec63fa3c1", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2bb875dc-d6d6-5906-8e19-9b0fb1074de8", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b36779c-d35e-51d8-b9b1-0c2bbb043fca", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:292d913d-d6cf-518e-8665-9f54b4c3d66e", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2e943a49-ff54-5611-a6b6-28d39af419c4", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc02c4a6-8cc2-5484-a2a2-78250a393944", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0ba9c42-708d-5340-985d-d00369b4e148", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18ba4480-d186-5847-a6e2-01a0ac0085c9", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5c433446-1cb7-5570-a72d-aa0dc10db8b8", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:38cbae15-4d07-50d3-b592-e6d4491337cc", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3349c72b-c836-52c7-85db-f279781c4ff7", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25c3f23b-8357-57f6-ba82-4ce64c27a9d6", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3bddb775-8b93-55d4-b16c-74aa41c3719d", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9875cb5e-55ee-5c1c-8ebb-b63f873b88ff", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:298c733e-9ecd-522d-b5a5-2191ae89e41f", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f9708de1-2d31-563f-9873-6c2fd06994b1", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f7b8de6b-9192-554f-bcee-4d73df14a6e6", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:38c6873d-d77e-58d8-a571-cb6d749eebfa", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-api." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-api@9.4.48.v20220622-tuxcare.3" } ] }