{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:22108fae-09cb-5f27-9223-ae7453599d65", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-alpn", "version": "9.4.48.v20220622-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:112140e0-9364-5f0a-a7b2-15e424ce22c7", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cbb8c404-9da8-5e39-8b61-87e352f510d0", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5be14f32-f33f-5e18-9b39-825dee53ad51", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:108ca185-fce6-509e-9465-69cb9c2ed73f", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:52b8e45a-541a-55e6-a689-8de7d02f9780", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b75a071-9bd1-5b66-bfe6-99c1b5314b48", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e5d5d7c3-545a-5491-a48f-ea8f900ecaff", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6c41d9c5-35ee-58e5-88a3-4cf85d0c1c9d", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e635adfd-6e5e-5101-8ae8-b25363297c40", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a89a8a4-c04c-56bb-9b97-23a9dc341343", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a8b25c66-e896-530b-ae65-fa5605c1ffa0", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b89bbd68-aeb7-54e2-b45c-c93b74996362", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3297233a-8023-5027-9e64-da696c835010", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:be2dbc77-0d0e-5a85-9035-b733f6261b24", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9f01e649-c043-552f-8e32-eab3a25e7240", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fdfad955-04cb-58a0-8598-cfe9633e4e10", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aea0497c-7e26-5d35-9f08-744a6f8878b2", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d6cd664-63aa-5fac-b98d-33410e4cdac7", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ef36a5e6-a8e4-5abf-aee3-fa10683c5f74", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d467d73e-0cc5-56ef-bd89-8bf2d501e316", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a07675d-e1e3-5279-a03c-fd0cff154293", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.48.v20220622-tuxcare.3" } ] }