{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fccbfa20-8452-531e-ac41-733f3cf3158c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-parent", "version": "9.4.48.v20220622-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1d439f59-42f3-5134-9e72-da75777bcf3e", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:06c0d341-4f9e-51cc-88e2-4d4019b29dd5", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6b3d59c3-4ab4-5f16-b5fc-5e8c063c8143", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:358e606d-4f4e-5a9f-a182-81340043393a", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:59302566-d58a-541c-959a-403ad1bde8a1", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f6084fc6-1b49-511d-963f-d3fe7cb3f17c", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:99c80d2a-1929-58fa-9eeb-e9c2c78e5a7d", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4073a0de-d181-5ca2-abae-8afdceca4566", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:45d14a51-f928-515a-a539-b1de768b213f", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6f675124-3584-5097-80f1-b12354392791", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4bdcf7af-9f55-504d-a771-2e093aceec98", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2324c06c-a9e9-5608-8d5d-b98d2903bd28", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ad37e685-6d73-5d69-a62c-7cb1aefb6dc6", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f85e84e-1a91-5086-8632-74f929097bf1", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ecd44b4a-a041-566f-b1f0-fbdbdc5eb1bc", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:93c582d2-ac35-55fd-a624-139749f2be87", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ef032f54-963b-5cc9-b84b-4cac4d81342b", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bec6767f-777b-59a0-9d13-66bc6f2424ab", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1d6f91c7-2c33-5d40-9ea7-37a9109d78af", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3777f3aa-4e87-5060-89df-a3ec2821af74", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3278f691-43b6-5eb1-8881-f0e3810e5824", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.3" } ] }