{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:903affb5-e0e9-54fe-ae0f-52c1e051d511", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-jspc-maven-plugin", "version": "9.4.48.v20220622-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8bb8ec14-46d4-5448-9687-4375c5798a03", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8362ac7-352e-55ef-942d-5661a78261f6", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37354843-47f5-5aeb-9f38-049e3302d8bc", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b175cd51-6f60-5c1b-926c-0ee401f7457a", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01d8b62e-a261-5aa4-a8fc-2b85110d3f43", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28ead1d1-9ebf-5342-92ee-9afd7c1b9aaa", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b351cb55-4d91-5bf0-a747-1612c9cbc21c", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a53952a7-d343-5090-a876-350cd070e08b", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33260ce3-cacf-54eb-b4b8-c11d5a6cc304", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:837c60ef-ec1d-542a-b381-7aaf4cbf87dd", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:48317b70-c024-5e3e-9d0c-f87dd417454d", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28b6628e-73e8-5074-9653-755f30c6c652", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c981b968-aca8-5aed-b310-c5e98314cfbe", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3d820ba-ad96-50fe-abf1-ac39d981b1b9", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b8bbdf97-571e-59f2-86d3-bd7f80b8d86b", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33ca03e0-5b33-5653-95f3-2611763c59b2", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d62277ea-21cb-5bbb-aae1-1cc4261fd057", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8bdc29f2-3cdd-5af1-b68d-1eb5414d7f98", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:371d6fcb-f5e0-527e-86d9-e2d58f203e2b", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63c06d52-ce83-57ee-9dce-25542dd7aae9", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:beb408ab-d572-539a-90a2-3863f39eef27", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-jspc-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-jspc-maven-plugin@9.4.48.v20220622-tuxcare.1" } ] }