{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d0a4345d-dac5-5c62-af67-d4030fcefe55", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.24.v20191120-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-java-client", "version": "9.4.24.v20191120-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.24.v20191120-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7b7745ad-70c7-5f7d-9229-47d2108bc9b6", "id": "CVE-2021-28165", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28165 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ede67e5c-d8f0-5719-b16f-0c96f296d9e1", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec4b8029-37f7-5e17-8ab7-f8204cb59c19", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fce2e66d-c93e-55f4-a484-d46f90eb0283", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1b9a5cc-1ab2-5fd3-aa68-5ca82ff5ca2c", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef9150b7-9d1e-5d6e-9333-0201d8e80c31", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90b90828-834a-5dc5-89d5-8a8d1e6a2ef9", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87ff1f93-8c56-54d4-94cc-9e85a62da7be", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.24.v20191120-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.24.v20191120-tuxcare.1" } ] }