{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6853cfa6-2474-5298-82af-48bb8f2f432f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-conscrypt-server", "version": "9.4.53.v20231009-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f4139a46-c1bd-55e7-b543-72ac759e4039", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:974697ee-c1dc-59fe-b6e4-fd2a14a85cf8", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2962f0f-4ee1-5eea-a828-64a16c5173ca", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:920e3237-c3fd-5869-a983-a4f5ebc6ecac", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d2c176c-7d0c-5503-8308-e7f7f85add57", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:225c937e-dd4c-5893-8a26-8ea9fc99ee91", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b6a08a81-d427-5e44-ba44-e16b4fb2afe9", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bbd3fd07-72df-55de-b9a0-3a16aa16dc5a", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f136db6-708f-5d9d-8217-8614f854f039", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9cdb0f2a-d609-5abc-82de-e58e558052b7", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4977ffe0-8b36-519c-b302-2b876c8a485f", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:98011d7b-e3f9-5d65-945c-b74c2ffbbe82", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2de9eff3-9678-580f-9fdf-dc2275641b4e", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a378b096-a7af-5e0e-99f0-4e49821d6120", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:117630b5-1171-5367-99a8-9238333438d9", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:00912b8f-7198-5415-8704-644dd7baef85", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:502a51a8-58d9-5eff-9cec-928bb2729386", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78f9ecca-d039-56a3-a909-7e2ba5a4ee18", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b51592a4-fff1-5c38-a538-6c77a0094873", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-conscrypt-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@9.4.53.v20231009-tuxcare.3" } ] }