{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:835defa2-f6aa-5b47-b22f-aa144bc85614", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-webapp", "version": "9.4.48.v20220622-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e98b43f6-2b62-5bed-a4ac-2d61ebbeed7c", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8469625-ca7e-56dd-90fa-512568f8aee9", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fa03644-4f20-55d9-8656-99dc1171797a", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:815855a1-690f-547b-aa64-4fa987b28d4f", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f40c590-577e-5324-8dfc-fde419dadb99", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c757687-e7f6-5f05-8512-66392e02b537", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f3332d96-a168-525b-83d0-774a67c27f2e", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4c619d5-e8dd-56dd-b617-08d1581d3374", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9cea3d8-7fe7-502d-ada6-1737eb8f42ee", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:687fa6e0-9070-5332-98b9-eae42c3b5472", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb0e1e26-c4ec-5dad-8aed-5a37cb5d7d75", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0acf141-de65-5a41-8020-23ae68ce8958", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7d3e075-d6cd-594e-8453-c16667a9dfd3", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4d184af-6b6a-5721-bedb-dba867f16e73", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4006bf6d-4986-5f6e-83ad-4fd03f38ec9a", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bcb8168f-bc65-594b-a7d4-1054e37ea7d7", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:229ef71d-8fe5-51a5-bb26-1af05bf3dd94", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68479486-8d86-58e0-bc73-a6a6591eff60", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0101e504-61ed-563f-a378-6d0e78b4d8ee", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a584e57c-26a6-5519-abd4-33c2e551796d", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fd01b80-eb1f-5f17-8406-ab820636e088", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-webapp." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-webapp@9.4.48.v20220622-tuxcare.1" } ] }