{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b43a8955-dcc0-5f57-8e10-134093a3f7d0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-client", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fe6c6631-83c0-5c8b-9f31-6d3e74fc8685", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f84ef05-5c82-503c-bda6-ff3c0dbd1ebb", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f45a1277-9ae3-57ed-a599-fa29918d9204", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e8cfc90c-c419-506b-aa66-1748332f5042", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd3ef2cf-d53c-5f31-8320-19e90b9e5419", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4149e563-9404-5f69-acd6-4108b001f184", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a2bf3648-23d2-5518-bb62-372b177434da", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32267a23-5245-5649-8b1f-a4c50f7c81f3", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:164ad973-ca9f-5946-bd16-ababd37b5074", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b4c03eb-8253-56f4-945d-7d3e83dc2469", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0241ab2b-7b52-5aa8-8ad5-ce501c74b1d1", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7d7bd5e-ec13-5489-9b9f-754ad4048d6a", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31a24184-aff5-55bb-a126-ef95feffc1f8", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0966e18-e56b-5d1a-93ec-c29e51dadcbe", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18278d8b-604f-5024-9d0c-13bbc624f7c0", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33cd44e8-b96e-5df1-9e75-1824378430f3", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d70a5b77-8266-502b-8c04-f73bc5f0c1e3", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4b0fabe-babd-51a5-8c9c-d60a9047828b", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3cd38310-b0c3-520b-9977-403c682d5ef3", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:edd10cb9-bc83-548f-bc46-7fd012aa4807", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90bd5b95-e0c1-58b3-8c41-a38eb8733dad", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-client@9.4.48.v20220622-tuxcare.2" } ] }