{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7febf5ad-e25f-5379-80c8-74560952dfaa", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-plus", "version": "9.4.48.v20220622-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f26554ab-ce70-550a-8bf7-beff12ff05d8", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51fa70ba-97f7-5081-b564-fcd3595afa53", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8427459-12be-5f9b-b8d4-cd94160038a6", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:366ae7ad-5fd8-5318-a872-9cf11b5a4266", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a0dff8f-5856-5cdb-9afe-716224514b65", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba940dd1-79a7-575d-9e71-c983e847a952", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb835267-217d-571b-92c0-78092b211a30", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8dd60ace-1590-5ccd-ae8a-62a665d9a3a6", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06813c8c-126f-5a86-b611-6b1c0a7c4278", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:164e3198-5de6-54ed-a72c-b319dfe9c208", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23941ea9-ec08-50ba-bea3-7385f189fbb0", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17e21d56-78a8-521c-9022-e0e8ee996b75", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec5b14a3-ad1d-5b24-8b87-a3dda9e70374", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:152ff4b8-297f-51c2-999c-748a81fa2575", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:996e5847-bf81-5f29-abc6-d8fc63c2b9a2", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ada42b74-2ff8-527d-9585-cce31516dde4", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3950f306-9be4-56c3-b50b-3c4da0fb8d40", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f5618a5-1acf-5543-9a8c-251618f89d1a", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a918241-d439-5c08-b357-86967d2373d8", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e3cfb09-2350-5a07-b6e5-a4a2d1b50d63", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e5ed5f2-3760-5166-8693-cf25680f1e34", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-plus." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-plus@9.4.48.v20220622-tuxcare.1" } ] }