{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:17ffc56e-4e63-5a46-beba-a95ceb80de69", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-parent", "version": "9.4.48.v20220622-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0f6f803e-09cd-5426-a01f-e3f9441b1bce", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae5341cd-4d67-54df-8f44-6a91a58ddbed", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc6f8935-8e5c-57fc-9fe7-d6b86db9a51c", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49d3dd0d-0a04-5e5e-8b36-dbc45d7b5588", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32a6833a-cbf2-5779-9402-8f174ae560fd", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1cd33ca4-5db0-5fac-bd45-07bfbc6fbbba", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b56e1dc0-eb86-53e1-85b9-b4b95b8f5c95", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f47c0d09-f7c3-5087-ae7c-fd1f5abfbda7", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38ccbfb6-b63a-5b1b-a4c9-e7f87b7786e5", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1277e316-5a27-523e-84f1-6a24673fba73", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1abdbca6-8856-5d12-a46d-1c4fc48665ec", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fbf42732-3788-51ae-9f09-2d558009f43a", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b57aa627-45e9-5f89-827f-d49497d6254b", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f1645f0-d96d-50fc-91c2-e5253e445a97", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8195e2a9-d56e-532b-939e-618923415626", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a09c7bb3-32b3-55ce-acc7-261ce9dfdb13", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0382bf5-7d35-5423-9b17-f25eb30864ea", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99b235a0-bfd6-523a-8e73-f3f09bfbf0df", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f5e3c729-dcc9-5e6b-a651-1d386c85f481", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab3b9389-8c24-57da-839d-0cfa9b4e25b1", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a0dc457-7a38-5455-a4eb-584fcb501d6d", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-parent@9.4.48.v20220622-tuxcare.1" } ] }