{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:114b1e28-f7c8-5438-b3d1-10b7c19757de", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-java-server", "version": "9.4.53.v20231009-tuxcare.4", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:12d4de39-9c10-556a-9df2-fe0ec469fff0", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f3e81a11-397f-5ed8-9dea-c47151b97297", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c2a77eca-5536-5b94-b87a-f397d2ba02a8", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fcfaccdf-a647-5e96-84b9-62b5d65f03f2", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f2c9b072-9507-5d11-8b23-bc6393f4390e", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d6537573-5a64-59ba-b1bf-1a0456791245", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ccd32003-c2ee-52ff-80b3-5e01b341519b", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d31487e1-3c38-5824-9f79-0d5b5bf9b3d6", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:34ca7b2c-6979-5fd3-a0cc-5b10b0816869", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ee091821-19ae-575f-b85b-8b981627bdd0", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c6a54d84-3f0b-5f52-a2cf-aee39081c7b8", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4fb6cd92-ad33-53d7-8bc5-8a4928e95f94", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:286120e6-0c48-571b-8ceb-c76d46eb4f84", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:60467ab0-f2bb-5c09-b42e-fa7b8f4cba77", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6825855a-a67d-5ad2-8e89-d74333bd321e", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3a5fb882-4064-5df8-b712-a72acd62c5ca", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:004c5337-4e4b-5ded-978b-5f6fdd05c6a7", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:30d7b1ab-490f-5cc9-b788-807e7478f0af", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9385bb9d-f008-5623-9b99-b4c2a46be3cf", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e1997096-9b20-5b80-afb5-634cdf475033", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.4 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.53.v20231009-tuxcare.4" } ] }