{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ae35b6bc-934e-589f-a3dd-b4ba0ec52bf2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-java-server", "version": "9.4.53.v20231009-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b2e107be-df9e-5275-b2c6-143042883d0b", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4665da1c-f70b-5210-bff1-197b3054798c", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55947993-712b-5638-94f5-1f3adf69ea55", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5f944f9-c4c5-5cbf-b0d4-f79477116f0a", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:300cb2c2-4937-5b1a-a75a-c418e9bdbd43", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24a7b10c-3b63-5fb7-89aa-ae31685b24b3", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd417ece-465b-5a7a-b86f-937c7329f160", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38894771-e4d5-552a-a869-3295b1e1d59a", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09ca702e-230b-5566-a0fa-edf5c012f1a7", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c10bbceb-f181-5c84-be82-9778e8d49d08", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:453e633b-04cf-5579-95e0-c66d1a252c2b", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e7991ed-d490-5b2c-9aed-3079e5e5bb81", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5aaf38e-b2e4-59df-8cec-acae067ebc1e", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79c7cc0c-4083-50b7-954f-65ed831c9889", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:034d61cb-efa0-5370-b0b4-0c3dea718683", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb90e0ab-5557-5e74-99ee-646596f2ae95", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a1f0307-1009-566a-9f09-4d4f689844a4", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:415724a2-7542-5f04-adbc-bc1be19a89b2", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7733db72-63e8-5a74-afa9-f0198738978f", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.2" } ] }