{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8aa20b84-c8cc-5c79-b71a-d5e6c1e0080e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-client", "version": "9.4.58.v20250814-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dce008f7-bb65-58b4-83ec-26a7d332f253", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e27d88ff-93bd-5903-b72c-a7011ba276af", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc1f1320-9c28-5f5a-b8ff-e45df628a3d8", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9962a72a-3014-5028-be71-e33a39129087", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b6c67ed-6f5f-5f0a-bf5a-838f33d6d19e", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ea15d4a-02e8-59c3-b315-76a341a1e38e", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:599af93c-0d23-5646-9a77-90e5f37d0c87", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78071183-6c2f-5d9b-9027-aebe0f1b950f", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73d08034-b768-5161-ad6a-b92de6e5d583", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d5eae68-b9c6-58fb-8c85-388ca9679b29", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:678fdac7-7607-5977-959e-caf5652b6ad2", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b6255d7-aa54-5767-9cf3-dbbf6a44b981", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac4c514c-e096-5215-a63f-3bc7170e5d62", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6e2cab9-6fb9-5523-9b22-191de41d0f72", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b517a82-f811-5a6c-8d0e-fed7f2592c18", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5e4e774-66df-5fc0-993e-7e4cc8ce0795", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57cf34b6-1154-5cef-b677-b4fa59682045", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.58.v20250814-tuxcare.2" } ] }