{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:596acd83-0ae0-52ae-869e-40c49758f616", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-alpn", "version": "9.4.53.v20231009-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8f4c5ee5-b09b-5d79-a851-06cfb12140a4", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:91dc328a-cb02-5f14-9010-9138079b2836", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34fb8cfa-f724-5077-a739-5b013bfe5798", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f9a7ff3b-202f-5af9-8566-bbf0218b06e6", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:088a5cf4-58ca-56f4-9853-f45a749ca624", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8054ecca-108a-5916-b44b-03434daad888", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aa88101e-f06a-5535-a5a9-5b62468310dd", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7c046dcd-45b8-5ab6-bb9e-6213361d3b6e", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:49c1010a-7541-5d65-aeda-e7c09e199f6c", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dbfb345e-91a5-5ba4-b45a-34fcafc9299b", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fba3e560-f076-5de7-ae6b-2639c1f74aef", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ee5d8769-98fd-5510-bc77-3b32b43df2da", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:127386f2-c8a9-574a-a3d3-ded0f4fdb2e9", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:07c2ee45-f159-50da-8d5c-cec75b495bb5", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5983a629-4b49-5e43-9e40-86da5789a845", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f0c5bd5-6135-52f0-8191-2fcd142eab0d", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:727a58ef-d1f5-5f2c-a47f-aaa616aec2d3", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bf7daa83-c88d-588f-9230-434667a131dc", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6c4b2bcb-e9a3-5064-af70-216144b2cd0b", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.3" } ] }