{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3077a038-ad4b-5b6e-a9c8-270cead26a8b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-alpn", "version": "9.4.53.v20231009-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:80447bce-2ed1-5453-9ef0-3c6796da3ff1", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e857580c-b585-5b5f-a8ae-ed9bf8ae291b", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:efe4419b-8cc7-5c26-9af6-fceec3b91a9f", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b3c4ff1-5314-5500-b8bb-7782051bf33d", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2fe786bd-83d7-5c53-b0c6-4739200b87e8", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4246eb28-b49c-5a62-8b51-5d4a546ec00e", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:740cfbe8-4c6b-5161-9dd8-7e2f49d907f1", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aaba886d-f112-5260-8637-b0210a8b167e", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6d07a9c7-5597-590d-9b70-dbd65ab73203", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8de8984e-7712-54d0-9bef-885f62b4120c", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:888dbfe7-bc36-5f54-9530-e831c18a1fc5", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f4d00f5-a246-542e-b555-4d6eb4ae998e", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06146849-d8b4-5a5d-a7cb-6896946e66cd", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a016bcfb-41af-5e3c-9d16-086a0472939a", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60b7074e-f91f-5f48-80c5-880493147c45", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0449c664-9390-5c3d-b61a-2d5f352f1345", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87e86638-d5b2-5d6c-8fba-0c4e188f886f", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ac99d4c-339b-5127-b4a4-241e069c3969", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77254e44-2c28-5729-bfed-910a56feb176", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.2" } ] }