{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:555b40ef-25c0-5262-b475-78b95239ac15", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-java-server", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7fa1864b-e83f-52ff-bad8-eeb5cdeac8ce", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca5e975b-4069-5735-a562-a0d4f030d9f7", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc6a4aa6-faac-5979-95cf-9760a9e7f446", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ae76306-2656-53f8-b15e-514b1e5ccd5d", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f2e6e73-cb3d-5d0a-b128-7d9e3859c608", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a30ea099-a030-5c92-b0e5-ef22d6257452", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7c8fa32-303b-5fea-ad82-ef1803bda194", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3543534e-7dc3-5ab7-a5ac-d4528d4aae0f", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:535195f2-9477-5175-9a55-947c79aa8600", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:866f2a4a-3e32-58ec-9c01-626a243f1b22", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48bb3f55-1e34-5f16-93b7-101e2295842d", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bffec112-80ab-556a-8d35-2fe7a9f25f3e", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3a89a85b-ae9c-531e-ab62-6d2f16e35904", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f59dc9ac-ad6d-51c5-87d1-48f56acfab57", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38bde526-0a30-5227-b1e6-d77d823c10fe", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17ab06dd-30a8-577d-81a6-1fe2657797ea", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65946f48-aca6-5b55-8cf6-2b5497f7b518", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e2d9d6c-0c60-5255-bf25-91f686d961ee", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47bcd996-3214-5c10-aacb-4ec1f4c77825", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eca07caf-e36e-59ef-94e0-e9235f57d212", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3d0f353-ccb3-5daf-acb2-5f0e5c3f717b", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.48.v20220622-tuxcare.2" } ] }