{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f51945f1-fc01-54f3-9408-69fbad4c329b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-boot-warurl", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ea4af988-780a-5211-9b2e-642c2ff13927", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8aa8796f-1201-5bed-9ab9-ac5e569900a0", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b907071-b7d7-5717-893d-dc4dce90764b", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28e83b96-49eb-503e-a0fc-546b421ac610", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3eaa50f-ce26-510b-bf5b-e3d45cfee6cb", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bdd692a7-4543-5ce7-b1df-0b4d6ee124e3", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13e719b3-5ff7-5b89-bac1-7e1129efdd13", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96c9c730-3838-5046-8aca-8c7aa24f705c", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a2ca1dc-5081-5476-9b83-39a8c4a0ab60", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:289b415e-55bc-5aee-ab40-c13fd1d76c80", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c285ee9-f67f-52c9-8849-5d8a527fd022", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d0d8246c-a645-5a8f-826a-56bb1df04104", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ac1e61d-0868-500d-82ca-0021b8486ec7", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aad59041-063a-5c1f-bc34-d59e5a99f2a0", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60f48fe7-caf6-5d56-a589-4ece32c38d19", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39555023-5e46-5ac4-8d97-3c578ec06beb", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:989e49c4-48cb-50c9-91fa-3ae10f8a643d", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3283ea7-3ff9-5a63-8449-25584ac3c506", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4b71994-5db3-5e24-8a79-9bd9d980dbf6", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:72559620-3c9e-530a-ad97-9f110244b178", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aed78763-56bb-5b91-aa8b-a58bf9ad8970", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.48.v20220622-tuxcare.2" } ] }