{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:03ec332b-ec8d-5b3d-a863-2c83159c8d50",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@11.0.19-tuxcare.2",
      "type": "library",
      "group": "org.eclipse.jetty",
      "name": "jetty-alpn-conscrypt-server",
      "version": "11.0.19-tuxcare.2",
      "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@11.0.19-tuxcare.2"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:62b13c85-a8b5-5ac2-90e5-673629e86d75",
      "id": "CVE-2023-36479",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-36479 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty:jetty-alpn-conscrypt-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e79041f8-a570-59b0-ad1c-e648b935c6eb",
      "id": "CVE-2024-22201",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22201 is fixed in version 11.0.19-tuxcare.2 of org.eclipse.jetty:jetty-alpn-conscrypt-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bcfe6d56-ae9d-553d-86e6-5c4062b5fc95",
      "id": "CVE-2024-6762",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-6762 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty:jetty-alpn-conscrypt-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:eb8b0910-cf6c-5b7e-a7e6-7aa84b5150e6",
      "id": "CVE-2024-6763",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-6763 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty:jetty-alpn-conscrypt-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:480a39fc-03e0-5365-bf51-7a83e7405ae9",
      "id": "CVE-2024-8184",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-8184 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty:jetty-alpn-conscrypt-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c2948c97-71e9-5190-a941-fd9b6e5ae7cd",
      "id": "CVE-2025-11143",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-11143 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty:jetty-alpn-conscrypt-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a211949a-1a9d-596d-8baf-f45bf73cef96",
      "id": "CVE-2025-5115",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-5115 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty:jetty-alpn-conscrypt-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f9cb5808-2add-5396-975c-5e0f119d98f4",
      "id": "CVE-2026-1605",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-1605 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty:jetty-alpn-conscrypt-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f740e3ad-eb3a-5cf0-a19f-45abb4eeefce",
      "id": "CVE-2026-2332",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-2332 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty:jetty-alpn-conscrypt-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:70806068-c159-5920-a05f-69f53183b516",
      "id": "CVE-2026-5795",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-5795 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty:jetty-alpn-conscrypt-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:56da371a-1844-5333-a6d1-110c025ef18e",
      "id": "GHSA-58qw-p7qm-5rvh",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 11.0.19-tuxcare.2 of org.eclipse.jetty:jetty-alpn-conscrypt-server."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@11.0.19-tuxcare.2"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-conscrypt-server@11.0.19-tuxcare.2"
    }
  ]
}