{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:28329212-4d46-57ec-acf1-3f4be0cdd819", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "infinispan-common", "version": "9.4.50.v20221201-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:53ffbf52-33cc-5670-bb80-85a7bd4c6880", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:10870a53-6ef8-5127-b2c0-06bc45b8b8a3", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:625dd589-2692-5260-955d-4c972e9341a6", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ffe80014-b7ca-5916-81fd-306060e24039", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6f1ea7e9-6a8d-5a0c-8a52-3963d8f8d35b", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:96b7906e-0029-55fe-b021-c3a30cd218dd", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6438d1f6-cfbd-52e2-ae2c-08dca67ba9f7", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:921d3d81-1d8d-5148-a75e-a9c8fc0fa317", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ef95979-c1ac-55fc-850a-bc33cb7ace48", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0a08e89-9d1e-5f4b-9834-07c93c6b8a27", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8cc4291c-222e-5324-b584-fafd96b4325f", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:783cddb2-06f0-5a2e-84ac-5b739e73ace7", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:026a1945-47b4-55c1-a49f-134bca21167f", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc2f9df8-b4a2-5983-80b9-b3110c24dc7f", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8dccc5a6-8d12-528d-ad5d-035b8e72d6bd", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f04e4dac-c760-5a53-87e5-2c9de176b331", "id": "CVE-2024-8184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-8184 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:532f8363-7f29-5953-b68b-0334e5f7027f", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:326e2f0e-b02c-5bea-a906-ab4337f6cb90", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7955d6c2-b74e-520d-a050-831d1b2f694d", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24ffed6c-9355-5172-86c5-962f70e64add", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:483015a6-26a4-534f-a9e9-801a947ac1a9", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14c1ce2d-ba94-5af8-9663-8c5882f50678", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0defa6fc-85c5-5740-b502-cf3f145dced6", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:infinispan-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/infinispan-common@9.4.50.v20221201-tuxcare.1" } ] }