{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:900e7931-63a3-5ac4-ac9b-bd5426a55b9d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-client", "version": "9.4.53.v20231009-tuxcare.4", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b51c3f62-d105-5dfe-890a-73a8a8e7b916", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:138fe6dc-975b-5808-bfc2-0c1ccfa070a7", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:50c3c769-c2b7-5191-a665-9f683bd7fbb6", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c11bdb2a-21e6-5c25-b6a0-e35d88b9d191", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:db6f53e8-e1af-56e1-ad0f-228b14549bf6", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:17ff26ec-bacf-5e2a-a859-637f747540c7", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ab9a1dfe-9a70-53e6-b645-718198430d24", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7c33aa1e-48d0-52e1-9823-f67ba906e687", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fe0361c0-7844-579f-8880-793e7e821808", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:be50a7de-f861-52d4-a18c-ea39e4bea24d", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b431c00b-a81c-5d59-a31f-976f3095b798", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:adaf2ade-59ac-53fb-bd87-286ee4a53a4c", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c15dfb08-edab-5a24-84fd-0b801920948d", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2b38e52f-f496-53f5-a29b-8d36338c5b5f", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:da3b2d86-af5c-58c3-8a0c-f76340921e5a", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cb4ae21c-0d23-5277-8cec-ca31a529f939", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2acf7be1-85a4-506f-a7cd-ba068b63a7cf", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bdb81dff-d9a8-5dd6-853a-a56828e1b520", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ae323e25-c58a-5252-9ce3-e0fb2462393c", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:996a79f0-8474-50e0-8d28-2e5757c32e7b", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.4" } ] }