{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:404b83be-1e1b-5f72-9ade-6c2e52346eae", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-client", "version": "9.4.53.v20231009-tuxcare.5", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b3ffed05-6f10-53a9-8512-36ebab30dab3", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b52337ae-cacb-5b64-81a1-47fcafb98eed", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4c1e33a7-fded-5dea-b2a3-6d2fd64a7727", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fb2ca5f5-08e1-5b68-b2f0-1de1c50f95af", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:22fc8589-7b25-5b91-aa6d-06c390913e58", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0419f375-916f-501c-b905-fe35ff7eab20", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6281b4b5-0f29-52be-adac-0264db601b04", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d25fed4-bd89-5e26-8f86-874c312de9c7", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b33804ad-5770-542a-8152-1119d5dda7e6", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4ccc1741-fcaa-5a24-bac4-617384785e2e", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b220638b-abde-5f9c-9f10-e729c474f425", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0ecaf474-9180-5a0f-81e4-5571ff593ca8", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c97745a4-4cb4-5179-97fb-dee58a0febf6", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4841aa57-cb37-5f13-8261-cd9e1fb8d663", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7a52d161-ced8-5db0-a241-8d7e49e89d5d", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1a62d289-2c03-57df-bca5-77f899d100e7", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a09b0cfa-6960-5ab1-8c61-296ab2e3abd3", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f72cadf7-abbb-537d-b0df-b16986fb1e69", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d54f441f-b24f-5522-b2d6-188bb6966f56", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a490a8e7-ab2f-592d-822a-a0eaca24269c", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.53.v20231009-tuxcare.5" } ] }