{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b00084ee-38b6-5ebc-8a5b-98feaae30cb5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-io", "version": "9.4.48.v20220622-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c3379ee3-6f6f-53f6-a765-0577578a904d", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69ec3e7f-b171-59d4-91f5-f42e9034f112", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bcdc671f-d56e-558a-b964-9959e7310821", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab2a3116-5086-5a5a-b449-c81719d4659b", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:976b86b0-9f4a-5682-b319-d0761c55c43c", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd520f6b-f26b-5b74-90a9-9a681aec3e61", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f034fa69-b225-5b02-9d28-4146ba2c62a2", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ebe357d-1ad3-5078-b6f3-7e50a9125f86", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:09c2089e-dd71-58a9-a892-abd18e4c8c80", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:853f91ff-73c3-533b-a81d-968ec09990b4", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d211852-ad3e-595f-aecd-bf4cf343e4f2", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ea7564a-2f6e-55e8-800c-fc3ce9dd542c", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96720cdd-075a-5e45-bf34-3cc9f3b49ceb", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b38af19-a80d-5c0f-8a60-ff9e5c950f8e", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba2fceb2-ed15-5022-9017-9335f276af84", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4569e8da-0d6b-5962-940d-f3d887ac0e91", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a9d2b58-fe41-574c-b829-d2740b63cdc0", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7fbf9b4d-ffe7-5996-a607-7cd1b7a30e5b", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f6f7b92a-a90d-58a8-8834-ac4e0e37babe", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:701f3f07-6666-5dec-8292-abae8a1f33b4", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-io." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-io@9.4.48.v20220622-tuxcare.1" } ] }