{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4e4c635b-0f21-5e0e-8140-201c3139a531", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-common", "version": "9.4.48.v20220622-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:68cba951-cb3b-5907-be3e-26a9e8f5865b", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4bc7650c-40a2-550f-ad40-12d490aaf8a7", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0d6e0455-c8d5-5a8a-9df6-90a436081f29", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8be54009-449f-5950-a74d-38a505f83909", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1585deb2-59c4-5405-ada9-798aa5fbc24e", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a1cc663b-1ebc-5578-ad2b-ad75b38bf010", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cb828521-3c44-5659-9850-366268809fd3", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5fda5741-6cd6-5aeb-acac-b5197801659d", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72198239-4ad7-575a-8223-df9c1c625ff5", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b633cc8-c08f-58af-b370-f1a9ebb059b1", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5858861c-4469-5930-85c6-c76be0029e3f", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f1b703c3-ba87-5c6b-83b2-b8b017d33853", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d3ca103-2ca7-5ace-b7bf-377c69b995eb", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:00efeb0f-7219-58ab-bb5a-816fe47c78f0", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f63c593-ad4c-56c1-b89d-aefc27946558", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:193904cc-8eb8-5509-b712-b6fcf821d996", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc814696-ca99-5c4d-bf5b-73fbdc204776", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1ad9b3c-98f9-5195-b5e1-deab2ac05e0e", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ede3d972-b712-58b8-be8f-1e2b4606ac1c", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d602d9d8-6f1e-576c-88f6-0a15f549e9d3", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6acfd7f0-2107-5e74-a117-31ea1313ec57", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-common@9.4.48.v20220622-tuxcare.3" } ] }