{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f5bf099d-15ea-5e1f-a3bc-6a26471cb191", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-boot-jsp", "version": "9.4.48.v20220622-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ceeebd9a-65f8-526a-95e7-871c8c2ad9e7", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fcbc674-f074-5ac1-bb55-44eee0d0b2d1", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:770917d7-2980-5765-a7d6-0a783f16e3ba", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f78e8631-941c-52c5-8bc4-401604a7ca19", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f3f0ab1-0a6e-5c0b-b3da-d091f2cf82a7", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f58bca7f-f428-5ba1-aec1-1b0065191851", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18fba4e7-a28c-5722-9e69-2e7ee33a559c", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ec646bc-8468-5613-b50f-e0e7b8c3f725", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23946daa-2e71-5946-851d-42c7e9b383b9", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:52f90ba5-4cc9-5473-ac5a-722342caa2a4", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21990bf8-64dc-5e2d-a290-bcf3df61b8db", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad93a1cb-0aeb-50f2-91ca-70a2318d393c", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca3f9a73-ff55-5288-a4f5-374b3b3fdfd9", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:246b6ea8-42b6-5e13-9af4-651c264dd7ad", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e675ae0-c995-52fa-8541-8309740ea9b3", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a4e43228-73d3-5afe-a468-3524a1933ab2", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a31f53d-d646-5460-96ce-099adb53946a", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f40620c-af92-503e-b357-d50dbdaee48c", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:096c6813-e21c-538b-88db-cd2d9951877a", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba040adc-8dbe-5aab-a588-eeae274bffd8", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fa0aae2c-2b10-53e6-9d76-ce156a84e569", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-jsp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-jsp@9.4.48.v20220622-tuxcare.1" } ] }