{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2157affa-8856-59e7-afd7-7476fe0862fb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-annotations", "version": "9.4.48.v20220622-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cd02e341-1c77-50d9-8940-ba57f63c4e88", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29d97ac4-f686-5f46-912e-4dc50d70b832", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5451d40b-04e6-5528-a49f-a5113d1cd80f", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:947022e6-bc56-5fa2-9312-2a4599ff54eb", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9460be6c-2f66-5d66-8df1-789dab22644a", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3cf39f01-b849-5375-b3ec-07e84ff4f6f9", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e15bf875-1c47-561e-badd-95876af7d0b0", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f0a83c3-2f5b-571b-b18d-056ccd4c4225", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ace3ccfd-d3fb-574a-a3ae-576b86f85de2", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f033c028-646f-5753-b0d6-51c18d7d8878", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aabb1db5-1f39-52a0-8e61-1fd35b19df6a", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f03def23-1c47-5fb2-a4b2-b3e73e35dbb9", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4479754f-ea47-5f41-86d5-6bedcd3d4ab4", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ab334dd-72ad-5b9c-ab66-135b3950c359", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f908cf28-9373-5a98-bb7d-33fb9b1baa51", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd58de85-378e-5fd1-ba1c-588743f20be2", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:465af21a-d3ee-5373-81d3-79363910aa34", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e08f4b2b-0f7f-5fbb-961a-134f02a3c6d2", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:45097403-8a4c-5ddf-97aa-d6e89a77f684", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f88095db-5409-5dfe-960d-6408205268db", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64fcb348-e36e-5e9e-b65a-d69d858a468b", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-annotations." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-annotations@9.4.48.v20220622-tuxcare.1" } ] }