{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2dfb6d7d-953d-5c3d-8f9c-8beb75b81294", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "infinispan-common", "version": "9.4.58.v20250814-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2e0a59b0-8797-5a04-b603-0e550198abd8", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:81733a56-8e77-5b7b-ac14-cba8c4077ada", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ed3234a-d20c-5c64-a022-c49b849c469b", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a8a2fff-b420-5221-9e47-1e0875ec5039", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4cbe638f-1bfa-5510-bd71-cbaef4c7e4e9", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:413b69dd-3df0-5e49-a0e2-4e26bd656e2c", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c7e3afc-8f2e-50f5-9edd-d11a2d73f463", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c0491595-d20d-5493-ac30-7e67c60974e8", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e7bc418-4b9c-5f77-a190-5f3b543bed59", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97ad2b5c-e909-58f7-b44f-67e0f6267abf", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7773b373-94f0-5357-85ea-3ee3fcb4769b", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d5da43fa-4ccc-5098-b464-793cfcd2cdda", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1128cd9-96bc-5bb8-b04d-7ec3d58dffc7", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63cd6799-e8ca-5251-9d4b-ffab699cfe22", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f3e913c-18ee-52d5-a6fc-10c60665a80f", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27bdd1f7-dde3-5970-82b7-653b9b56e2bb", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee2b6850-0f8e-55d9-a17d-174159be787b", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.58.v20250814-tuxcare.2" } ] }