{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e7f9b1e1-59cf-560f-925f-e0763496b4dd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-java-server", "version": "9.4.58.v20250814-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:423f0da3-d5a9-5dec-8257-a710a48f2499", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b35469d-587a-5560-84c6-5dcbde28add8", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dac29af3-e535-5218-9748-4c2a4641f131", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c5978ad-3ca3-503b-9bac-fccb34680bd5", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:99bdfa8f-d4c5-5dcc-8e65-9c4dd78acbec", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7c7615d-d17a-59c5-82d0-339bd4c3d82e", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:329d8fe9-261f-5d15-86cb-69f1311cfe0e", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1660cd6-f9b5-5924-82a8-f46f3b955b7a", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4999e039-29d5-541e-be87-24a163f76aa8", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2d9f7a6-68a2-500b-9c43-c8f8e16677d2", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f83482b3-7163-582e-bad4-59193c0432c9", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b6a2561-5409-52dc-b91d-5d151dd3a7d8", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d409e6d8-7243-515d-8de3-eef6feea1a90", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9aaad699-81fd-5b78-9980-123399c3aa96", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67154687-bca5-5719-8da0-3b58ee592c49", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73fae308-15c8-511c-bfa9-012a989a3b01", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb252148-636e-5d40-8a4a-ab7926cae2fe", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty:jetty-alpn-java-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-java-server@9.4.58.v20250814-tuxcare.2" } ] }