{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fbde8752-5f07-5acd-b4a5-29fef5eedaff", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-common", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e5e37d8f-9ab0-5808-9d45-fb5e2429d32c", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad6c2447-d402-5780-b9e0-cf4d13ea7cad", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:339d27ed-068c-51b3-930e-dc581e03acf4", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:655faeb0-e52d-5471-9e01-302c51ed25ed", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34313111-82da-5c5e-a84f-829356d2bd18", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb206f8a-c05b-5bdc-94d0-b77299599e86", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9f7a214-e59a-56f3-b61a-6314720a94f7", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76e1a713-ac8e-5a20-8114-a9a969ea8c20", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7acd7a6-6b67-597d-9811-43e2ff1a8d7e", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57ff71ef-faba-56a4-892d-af37193ae7f9", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:419b70fc-a41a-52c8-b930-f96560cf3d13", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbbd1c4a-7e31-5bff-8868-9ed8def24e73", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15e1c36b-8912-5c24-8081-70cc15bbdb8b", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c048c77d-5a23-5e59-9c85-c23fe05e501c", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3c1090e-538f-520c-b98c-b22308a67873", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f627f55-fa03-5455-9f38-0f1ea418d2ea", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c4c9378-3c22-54ba-8c70-5744c7852c46", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:553028a2-d0d0-53e1-a46d-4787abfd6d56", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4cb617d1-cc9a-577e-839a-853b939444bb", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2280fb6f-de50-5eb5-9cfe-3e90bd509c1d", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0159084d-7928-5094-8c52-4c2841b7c30b", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.2" } ] }