{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b4aeaa01-393a-5e9a-956a-8fed9d35109a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-server", "version": "9.4.53.v20231009-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dcc718b0-2cf2-5c0f-8dca-b12de4451da8", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dac0b077-e035-527f-9122-bdf5a72ace77", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3c7a65f7-c932-57a4-a137-c97b269e7f05", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:02526a85-3baa-51e7-a11e-e4764f209009", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c7bc5d5a-a475-5ced-b7d3-0ecf11aefae2", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:27e33dd4-d81b-53ac-87b0-3cb95ac675b3", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2018f3a8-b862-5cd8-87cd-62468ec06af9", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8c8e9448-1384-5847-af7c-32e88bb90709", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0e76838-e418-57ce-acb4-2dcc0e3b3db0", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6f85e047-2b17-5ccd-ba2e-5e80e95e5759", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:39931348-a2be-5ff0-ae84-ed783d4a7fc2", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ce87582-c441-55af-b896-dc82cad85c43", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d3e96ff-f95f-5225-a907-ce5434ca2509", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ede26b78-d8eb-541c-9702-ac31672d0f06", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:de55272b-04ef-5503-a385-7dba511f9a45", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0874fe18-78e7-59fb-9805-b4985a688795", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:21a2266f-4808-5cf6-b223-3767d9c15bcf", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:71afe0fd-b48f-55f7-ba0b-2f0fb6990708", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d458155e-49be-545b-9d1e-3b130a3fb1a5", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.53.v20231009-tuxcare.3" } ] }