{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9c6e6682-2ba4-57e2-8621-e2f4bf6a7ac3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-deploy", "version": "9.4.48.v20220622-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:49d9f66a-bca5-5a29-8205-0b26ab6319f7", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0fac50a-da18-5469-9148-d3d3d56096a8", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9f3084e-ef11-5931-bd14-639284bcebb3", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2de5a07-a35b-558b-92f7-038212f22984", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:08ceec47-3c96-5ed7-bd2e-cbbbd5ec0c6e", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20188aee-bcca-5753-a33b-2758330e791e", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee393315-7efb-50c7-b084-3fed14a3a798", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c35e7361-79ef-5508-845c-b516b46847d2", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4191b375-51ea-5e5e-9fc5-219131c39a5a", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ffb81019-0066-573c-8778-8e73c52ad262", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cee9bf97-a0ce-539c-babe-66467666b75d", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6cce6950-2929-5d3f-b306-54e09523fde5", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2040864f-68e5-53f7-a705-14b55b1f1ee9", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8404cbc3-842c-5ad2-b19d-7bf70459b8df", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef0bf4ac-867d-5a24-a748-5c5bccad3b6e", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64470f5f-3b6e-5bf8-a4d0-2c79841ce0cd", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00759203-8972-5179-b9ee-1f941b04c1a5", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72d1c7e9-0b72-53d6-9983-2a31ea31ad72", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1439306-fd3e-5f34-aa60-6b86971d465c", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea7ca890-17f7-5e39-86c7-495320ba1cc1", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d56106d-b439-5c7a-bc2e-c01b90f6b555", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-deploy." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-deploy@9.4.48.v20220622-tuxcare.1" } ] }