{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:14ab8677-ee5f-5720-baa1-3b88136994ca", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-httpservice", "version": "9.4.50.v20221201-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2db6df51-a8cd-5582-85e4-ca59160edfbf", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e897aa1-6611-54c7-8e18-96f5a9a9f482", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8892f81c-f49a-543e-b68e-8f8fbea1b1ca", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a0508a4a-697e-5747-974c-40a2df84f653", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:074b19b7-497b-522b-b3ff-91cdff6ae38c", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2728022-da31-52f4-920f-da812670ffb5", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f67f3ed0-1ea8-53ea-b6f4-1139e3cdec92", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c9acad8-b8bd-5053-bd02-7a55b287f0a6", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2772b06-fe58-5a07-a127-998350511aed", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16df46ef-d03f-5216-b74a-a7db42693f55", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86b6206f-7b03-5c7f-935d-c3fed309a152", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e138e5bb-1ea7-5bc3-a11e-bfba425ad548", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6a43318-978a-5f49-88c1-4c09fdd6d648", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74ee84ca-c632-582c-957a-9504faab18ac", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e66e4b2-de8d-5848-af68-72c29586c8d3", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20cc1aef-d228-5f23-bdb7-24f3cf34dbb8", "id": "CVE-2024-8184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-8184 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ffa7fdc2-d68d-5fc6-8c06-e3450a49508a", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb78ac35-bf78-5fdb-8a11-29d9b92f1f34", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:408f3595-a793-5d7b-9fb5-870b556862fe", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:035aca45-8470-5b44-b312-d21b99d635a7", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a74c3c2-0254-51b9-8fb1-530ed5ff9b75", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab46da36-72d1-5f87-bec3-e90ad0a80881", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3faaa6df-34f7-5914-a1d6-d72c52d4bac2", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty.osgi:jetty-httpservice." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-httpservice@9.4.50.v20221201-tuxcare.1" } ] }