{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b6bd1950-3385-578c-8a4a-ac0e1a1e77d9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-jaspi", "version": "9.4.48.v20220622-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:603f9ebc-a075-5d7d-afa5-b0c4509f2fd7", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ff7dca3-b903-5b9f-aad6-dd20d79ce486", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51286c41-934f-5dc3-bf97-a9b4c51e577b", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fcd481d2-2156-5943-8ea9-6de2979ed2ae", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:905a482d-a0c7-590a-adc4-42921a53c16a", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6b1480ba-b3f7-5318-804f-f25092902559", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61534f7c-37a0-5d3d-9266-2fccfdea8ee4", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f50e11c-3085-51f9-b914-32a3df7bf552", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98731502-0de1-5758-a674-80296557ff07", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:556151c9-dcd1-5d23-9e90-0a9ebd91a73d", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:294b66f9-e2e9-5faf-bc2c-9ae17d5c6bc1", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2a3aa72-3af2-52f7-b452-185a7f5ad972", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30c20a54-84af-5c81-82f6-63eec972e2b3", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:acd3e022-f617-51c5-9e1b-1ad265fd157f", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b94a731-78ea-5597-af47-f1fd6436c8d5", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:080f14fe-9df0-5340-b950-2d7c1c910727", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:47a3e6b4-8c9a-5e78-9f1f-85b3b6252ec5", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7916fc1-f13d-548e-863b-3320f7b54df2", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6c109a3-6ea1-55f6-9c3f-800ef9e70058", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6701f015-f4a7-53c7-815e-cb352c2fb531", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76813685-bea7-515d-bc91-bd9b66f3d21d", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jaspi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jaspi@9.4.48.v20220622-tuxcare.1" } ] }