{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d6badc8d-d93c-5129-b64d-ae6f4887824e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-client", "version": "9.4.48.v20220622-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1a9443fa-72ec-53a8-a94f-c4638728ea8b", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f790489b-67c4-5976-a0b9-4b5dfb2ac6b4", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a351c075-8e14-51fc-b6c2-9461ca6f4543", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d1d473a-0a93-5b89-a08e-51842f82f743", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:434c454d-1311-575d-80ac-1a8afde82105", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5409db41-aeab-53b7-8f60-6aa6392b4504", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ebfd943d-ef42-58cc-b179-42136dbd272a", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:52b65795-9eec-5408-9a75-b4794a783cde", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ed9df2c7-b76f-5605-9c48-0e3dbd517de9", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9c4eea15-d71f-5948-af36-c5153814cfde", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32c031bd-ee9c-5305-89e5-3845ded6c83e", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2c72a1ce-efe7-5a31-a155-15bf3a6226d4", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1abdce36-c02b-5637-8c76-e03da421e991", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a8538ee3-825c-5626-b10e-44f1b7958cf9", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4f1d5ba1-d537-5506-b75a-928475ecde3f", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:447485aa-2c9f-5faf-a694-c123c2a11512", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:451f671c-381b-57c7-84ee-00abc5ca4af3", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:745f3007-fbd5-5eb4-b38f-5423fa0fb37b", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f46f93f5-44e0-57bb-b8b3-73c89ad6c6e4", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:267c54ac-0c1f-5439-8db6-bb240f7169bc", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1bd9b35c-362c-5908-8c43-88b808f58322", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.48.v20220622-tuxcare.3" } ] }