{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9492e9a8-ab3e-501f-86fe-20006514bb30", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-java-server", "version": "9.4.58.v20250814-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d021d003-d53f-54b4-b614-06c43150a81e", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:570d3318-6e2d-5b9a-b0b2-1d6dbb3a609a", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:436ef61d-fbf5-52e2-8be0-5012bf4de7ef", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:367c9e98-9271-571c-9066-2df286232346", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f70ca26d-9027-5bad-8a56-0834fa4e2742", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0943c597-138f-5097-9194-a9024e5855c0", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b5a2b9c-71cd-596d-a184-20974c17c1a3", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:887b91ed-ec12-5247-a469-f4c077709fa0", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2170857d-010c-5d76-88fc-c3f10c8941b3", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4851079a-79d6-56a5-8f8a-4f5b69dc1b19", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b63e06ff-69c2-5949-a714-26b038d85139", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21ed2bcb-9267-5a78-8a42-ae91851d4daa", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95f90158-cb7c-5ebb-9e1f-623ddb696887", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1b2934e-0463-54ec-99a2-b947672e637c", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c15fb926-4105-5b66-8530-9379a77fc044", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:026b61a5-5b75-5769-8716-cd7fc67c3d76", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f5631f3-0453-5266-9134-30f58b5bcb82", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.1 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.1" } ] }