{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1849b7ad-db40-5916-aea2-cadbc490952f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.websocket", "name": "websocket-server", "version": "9.4.48.v20220622-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0b402d10-04af-5350-9243-f0e963a3eeb3", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bfd2fb64-48c2-5df1-8e0c-633e9c1e38d1", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b68157b8-5bb2-5480-b3bb-7b14390eef26", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18805a66-2ae1-5250-9e1e-65160854cd34", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49102ba1-a6e0-58db-a0b7-7cd26689b043", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:becd9457-08bc-5241-86f3-abfa9ffff23e", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e02dc252-4b04-581e-bc11-448b50643b54", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9bfcf51-debe-5373-8a5a-a44a3db13265", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a226fb50-56b3-5833-a58a-57478180b39d", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d608068-8c09-5374-8d48-c6884c083bca", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80204ff0-4124-5b8d-8c33-11d4cc15ebeb", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab13c2af-4aff-50e4-a352-7c262f6ec28a", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69b281fe-e752-5a38-b737-fa6efc3c718b", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f3a75f85-046c-5452-8bc3-2086a6e4b879", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ef87f61-2007-56cc-804f-0596eeec5a18", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2346bc0f-c3ab-57f0-9718-0c2263900ebc", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3911aa9e-7104-5a4f-80ab-cc07fe2d8c92", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e4f39a3-24b4-58cb-9b29-d657f4af749a", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:012342fb-df2d-5258-99ef-af5781b1b6e0", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cccf8960-6035-5801-8d71-40f03b6cd81b", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d0bc262-797e-549e-a8fa-219c5659d3e8", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.websocket:websocket-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.websocket/websocket-server@9.4.48.v20220622-tuxcare.1" } ] }