{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f1e93e03-3533-5e11-b607-d2f14401ad22", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-servlet", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:87e5e6d6-5898-5e13-9868-1e99f4764c9a", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d5694caa-f46b-54f6-a9b3-30dc4d9a442e", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f87f0b0-0f47-53a8-83ca-d12e0c951807", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:516855c2-fab4-5cff-bd7d-3dbefdb24176", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f8194f8-ea8e-52cd-adb2-7a5c05c6e308", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c07b7582-758e-5a97-bdd0-41f1906f8b16", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:092e5054-3f17-512a-935a-b202e275c230", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa4f74c0-0b2c-56c5-aa6e-a3750893f07b", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:feeefd55-1726-5756-9a77-e266f70f817f", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:009fe294-eb92-5d39-860e-4197f0585307", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:147737f2-7a8d-56a0-ae1b-70498aedd0bb", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27e62220-10d2-5c3e-84f5-1da60703f501", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78e10262-5683-504c-a685-782c8d843242", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16a09868-4c75-578b-a4c5-b39cdfd82777", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3bc07101-0e42-5cf9-af83-87bc006c64ed", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:298253b9-5547-5056-81bc-90a7ad181436", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a60a51c3-c923-58a8-850e-afa6dd4c5176", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:766167be-ce14-5725-8339-5f7b85d002a1", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2423500b-6f09-5e10-9886-6c812996e2ac", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37451961-44a4-5731-8c07-faf17631935b", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:adb3ec2b-d5a6-5d13-a638-18b1eb28e604", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.websocket:websocket-servlet." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-servlet@9.4.48.v20220622-tuxcare.2" } ] }