{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5339addf-e756-5d3e-81ae-c9bb7c48c180", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-parent", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2693c389-cde6-5d21-8e53-c2e6c381e2b2", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e716f045-4c7c-5813-ad59-4e7b6e9a0084", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb251190-564f-5c5a-97f5-ab62db61ba82", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e7303de-9955-5aeb-9268-feadf90451be", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66d8aa79-9d6d-5295-bbdb-d821de90ab79", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9dcf279-c053-528c-b3f9-01b1593df1a6", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:70516b4c-5817-54aa-86d0-9c28cd1a23c7", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c3fd60b-8f49-5cf3-a784-21cf4af6f607", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8938206-ceb5-51ac-a0ff-ad85b26a37ee", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5c4574e-c317-564d-920d-833c637a9d48", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:901720cc-f08d-5c1c-84c5-93350b1d7b84", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5bc940b-c8f2-58d2-93a0-ef05bb222428", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7993406-8482-5bd1-9d2f-c632fd0003e2", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4db7a8f-64d8-5fe6-9e2d-a7dc5ed61c51", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5879060a-73c5-58c7-a13f-699acb922ce3", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eefb8b68-630e-5bf8-9f04-6b6cbb4a038e", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c62965d-dc91-5ffb-9fe3-64f7c53c98c2", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98854a96-04cd-51bb-bee6-89e28f596a43", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b7dfbcf-66a9-572b-9251-39944b6ce9e8", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a4aaec7-87ae-5b6a-b0ea-257de4ecaa30", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8575316-d2e8-529b-8d8c-857146e51a73", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.2" } ] }