{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:07639199-957c-53b7-8296-5876e43b2721", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-java-client", "version": "9.4.58.v20250814-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:88438f76-804c-51fb-8794-07da9d67244b", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49815e8b-661a-52f0-8ece-83982c1331ca", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4707018b-bd62-5f1c-abed-88147f35fbb2", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c847489-c3c5-5b55-84d2-7860dad67b78", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f669127a-bd48-5a40-97a8-52978f5f2810", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85529fdf-4718-5089-bc74-7e0d7dd9b4e7", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc70b1a9-6312-5608-8aee-6f1b3007bbcb", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9af99e8a-34ef-5953-bafd-7050179772e2", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29571e65-c7c0-5b27-a46d-99deb61e1f2b", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ae19c7c-e157-5d5a-a5cd-589231d987b3", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a2d1b6cf-351b-5ade-891e-e4a1ac26c22f", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bddbd447-72c0-5a29-9ce7-b269e8d2c28f", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f32d3e85-5451-51e1-8619-4dfb43b928bb", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51a280d4-b7a8-5578-99a7-d6795fab5d11", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2ed4139c-49ab-5a35-944b-4e927f7ac76c", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63978503-4ce2-5bfe-ba67-c61199bf17c2", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c1c8f74d-2975-5518-89c4-4fb2286b2807", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-client@9.4.58.v20250814-tuxcare.2" } ] }