{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fb31f6dd-5deb-5f44-bcf2-a10ac074062e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.aggregate", "name": "jetty-all", "version": "9.4.48.v20220622-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c93fb40f-1f61-5860-895f-7c026d8e13ad", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8dbfc0a3-5317-5163-9902-23ecb161f29a", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19114767-36b5-54ba-851e-146426ecea75", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fd7912d3-4db9-510f-adbc-bce909053cfc", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51bed7d2-210a-5908-aa95-d87d890bed17", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02d25c0b-532d-58f7-9bd2-4e0bf6da3789", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61c712cd-9363-5656-ad89-3296e5cdf386", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51c9d267-1f24-532f-946a-25df0845177a", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0ef70f3-8ecf-58f8-b3a1-680a551faf59", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b1eda04-fc44-5cde-a564-93eb21e2a2b9", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1f1aa6d-81e7-5479-9b8d-85b112a96bae", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:542ca1d8-74bf-57aa-a600-4cf6da084419", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:81407745-a8bb-5ae0-a87b-25fae73c8e44", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d891b8fe-fb91-5c0e-8cf1-44ab07e9e326", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3819cfd-83af-506a-a967-96841352f63c", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:196acf6c-ea38-56ad-aef1-eb3fa0cbec3e", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0d87f85-e226-5f4d-90cb-313cd1177aa6", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25b4cf2d-a695-5386-8474-02eaa5d3544b", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:31ca5b2f-0938-5049-9e0a-fee69cf1a9a7", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7966b076-648c-5fb6-830c-4e5762c6a566", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3781bcc2-eeaa-51e6-a4c4-60fe45392ca2", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.aggregate:jetty-all." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.aggregate/jetty-all@9.4.48.v20220622-tuxcare.1" } ] }