{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6957487d-d4b8-5763-99fc-36778f6df132", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-boot-warurl", "version": "9.4.50.v20221201-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:38b8a38c-4bfd-5c44-b305-e333617b35b4", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:997ef99b-8b33-597d-a3ba-56ff83edc7d9", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a4f1b4c-da5b-5714-8f5a-e50e64eb4233", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e31fcd5-2323-512a-bd0c-7917872dd34b", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:10cfa426-aff7-57ff-bf55-8cd1f2bfc0e0", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb065728-494f-5f13-841c-f0e26a88f0fd", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16acdff4-6ca3-5f96-b9b9-2fb6cf392fe7", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27ee728d-6c69-5d2e-9745-731eab236f9f", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c46dd6c-7c01-51b5-9a78-344bdaf99651", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2513aa4-9b07-55a5-9756-743ae363480a", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:480b5a42-e959-51f3-8245-3d80bdd08802", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0cbe660-3916-5300-939c-8d53c1fed881", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:912be051-9401-5bea-bf31-cd208409899e", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e60ada1e-84f2-5081-b303-e896d9849f87", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23d12e53-7710-59f4-84ff-1cba7d69da4c", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e583f14d-b518-5900-931c-49b1541188be", "id": "CVE-2024-8184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-8184 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77c06ae3-fccc-5c4a-9d7a-b31033731354", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9672a73-5024-52d6-b773-9cd9c4b2c7d5", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e510603-0e42-5944-a80d-b5d3bd23b928", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2c353a1-c2f5-50bc-b934-2987d3428ab0", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4744f895-fac5-5fbd-b3c8-869f0968becd", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92af299c-6b3d-565f-ad2e-80c49281c620", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:401b7827-96bc-51d6-8b68-6b9a2e3e40ff", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-osgi-boot-warurl." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-boot-warurl@9.4.50.v20221201-tuxcare.1" } ] }