{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c3423b76-b634-5f80-8eed-94deacc3f177", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-http-spi", "version": "9.4.48.v20220622-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d05804b3-5667-522c-aff7-ab7ab576acea", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b7a8fa6-e23d-59db-8a5a-aa34562dfb53", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:433565ef-b811-5417-88bf-50f2f59eef20", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5622f6c4-a5f8-5ee8-b884-7ee88ca3fe73", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8f34270-3441-5d1d-ab19-3ebdc554aab0", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b64fc6e2-29cc-5423-8420-d2fdb5482a2d", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:452795ce-9e9b-5c9f-94e1-314f4f49c52b", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:47545d90-89b6-5072-98dc-5a7c855e16e7", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d74ccaf-205a-595f-b5d3-4eeffb446c71", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be2f4f9f-376e-5320-ad25-87528b936e40", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e33c216e-185f-5259-95f6-8041cdc1a774", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e51abf3e-9d1a-5d86-a729-7338bb6de243", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1ebc2ea-32e2-5c49-aef7-17201c36f0ec", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df5bf46e-61e2-56e6-8c60-450ede50044a", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7095d1d7-8ccb-517f-a708-827d47376275", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ec5119f-3e5c-5d0c-a009-5b36404ce755", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c32683a-de3c-56f7-86f3-aedefe66d8c2", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:948147c7-eb43-5f76-952d-546de8cb6423", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:afcc7648-b7d8-594f-ac09-218502a5c905", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70df081a-baae-5c81-9f41-10160923a541", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:51f21466-5cee-571a-9260-8174c740bf90", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-http-spi." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-http-spi@9.4.48.v20220622-tuxcare.1" } ] }