{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:20136568-2b6d-5c41-8334-8212e8b93e2b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-security", "version": "9.4.48.v20220622-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:50b9bfde-0b92-56c5-b0bf-21ba7218bca6", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:981ab001-5531-5b06-a42a-2a76f996bcda", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba9b94d5-b94f-589d-9cdb-28f496b6c182", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d99f819a-ca73-5c75-ad24-a1aca260b771", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f3bb3994-b262-5891-90c9-7c2b69ef7066", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b2d1af4-89cd-5753-bae5-a4ac171d83bd", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84b7c4c6-3b15-5d04-b785-507df8aad018", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e6eeb9e-edd4-55d6-9871-b4d1817b371c", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e6673cc-7aac-5e32-9dea-664e6b2cb6f0", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:123cd82c-9271-57bd-8011-09e3403f27a8", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5eeeba6-3323-5cbf-9612-98351b77c2fb", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5c1e235-336e-561c-9595-72acc6e04548", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b7086a7-17f9-57eb-a68b-73667a3c9dd5", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0ef510d-a99b-5bbb-a562-ae5405be21ec", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b0439ec-3883-5871-9448-a77326cd7469", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c618b8e-5e59-5599-9ef6-10014b2c3c8b", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8246d4e-c821-5503-a191-fa1c2c678066", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75550a4a-83ed-554f-8ebf-5e345881d197", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fabfd04-e352-54a5-b298-5d6644f6a295", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2666666-fd87-5cc3-9deb-a63fd0f3d819", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-security." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-security@9.4.48.v20220622-tuxcare.1" } ] }