{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:aeff616a-7c8d-56a5-aee8-9d0e9d72333d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-xml", "version": "9.4.48.v20220622-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3433f906-e996-53ef-94c2-51b9e6aef127", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb2c8336-4b83-5254-85ba-9dfa5b646860", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9df039b4-ea8c-5ded-a6e2-3bdf1e77afe1", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:057e6a75-5309-5c5f-a5ad-2ce7cc14b226", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac331e30-1410-5ec1-a68c-4e5774acd4c8", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5661e7e4-41e0-5d37-94c3-905b8bc0499e", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3e1b385-c136-55ea-bd1b-40a2e4b5e3b0", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a69fae34-9eb5-5c52-9c8d-c9bf1c0d7acd", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a455acb-ad2d-50d2-b97f-d607f41b24d3", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f15e7f7-fa11-5705-9c7f-7eaba19af54b", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c17372a-9a3e-5352-a8b0-e60d758d1442", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4bbc3b5d-9583-5f15-b6ed-66f8ab7856c5", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23734592-be5e-5586-b050-69cbb9076197", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:47bda334-53c4-5f3a-a718-7d78a2a4855d", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:166c25c7-2c41-574e-be7e-422282c535f8", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98ae0b6a-fa74-58de-8d3b-8a9164cb261d", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:969379e9-d242-5b53-86a1-472494b1ac4d", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8716c680-34b9-5e37-a1b5-970dcda24ae2", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d477cc02-9955-527c-81c2-74913e013537", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e403408d-0dd5-549f-a8f7-f2655a54526c", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-xml." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-xml@9.4.48.v20220622-tuxcare.1" } ] }