{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e2471d0b-0e8f-5452-8f04-350fc9c3e4d3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-boot", "version": "9.4.50.v20221201-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a2515a10-e4b4-5a5d-b9f2-64ca2ea60022", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d8cc394-ef57-5e05-9e0c-04e6452a56ef", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa51b3b0-af1c-57c2-b6d9-58ef5d8e7ca1", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de567338-ecaf-58f9-b7d4-83c48f81b508", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4269d442-7b6d-5f99-8cf5-c3e0a927f3c4", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35edbd7e-07f5-5b59-9463-6ba13d9a4c44", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c43e9d1-7dcc-5f6d-bd6c-685166c82122", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbb16b17-d3ac-5fcb-bbb0-0e0e53f3e42e", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64422a60-c86d-5ddd-842a-33a8a1a53ced", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39da108f-4c63-55eb-b772-668181091074", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:241090f9-78da-5d6c-ab59-0ec779422862", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:495f1820-5ee4-5b1e-a9ba-bbfceec5130b", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ecf640e2-0e5b-587a-9cce-cd29b510c589", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:84d4300a-16ed-57e5-b334-8e087a242147", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6159ce9c-d055-57cb-a371-62fe85cb1750", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:caebe9a1-45d1-5200-993b-5e449843f151", "id": "CVE-2024-8184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-8184 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb008895-0aae-5d1f-a63b-fdf860e9022a", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e49fc65a-3a61-5b2a-bd59-a7e1a1b66ab2", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3aba7f45-cbab-589e-b47b-50de9f8d42f4", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:426bb683-d95a-5b21-8493-b34da2e40622", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6afaf666-8728-59d8-9a8c-ba619e82a706", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4dae0e47-d7d2-5ac4-91b5-a634b693b710", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:170e41c9-6c8f-55d1-bd40-e4a85ee82543", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot@9.4.50.v20221201-tuxcare.1" } ] }