{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:41fb9d01-fa86-5ec3-921c-a4e50e5904c7",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5",
      "type": "library",
      "group": "org.eclipse.jetty",
      "name": "jetty-alpn-openjdk8-client",
      "version": "9.4.53.v20231009-tuxcare.5",
      "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:766baa8b-291f-5466-ad95-028fdfbe80ae",
      "id": "CVE-2020-25711",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9c9d6afc-d6c5-52ff-9367-e63df5b4c028",
      "id": "CVE-2020-27216",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:07871f8e-b479-5a78-ad4b-7e43f6377f5a",
      "id": "CVE-2021-28169",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:03cdb178-c4c5-5b50-b000-b4bf82e6cf7f",
      "id": "CVE-2021-34428",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:096f3148-003f-5a61-84c2-bc1ab9c859e3",
      "id": "CVE-2023-36478",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:da4f980c-70ab-530d-951a-b40bc07bc56c",
      "id": "CVE-2023-36479",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5585c7e9-1231-5ba7-a20e-d33030bc7c97",
      "id": "CVE-2023-40167",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2db2f7dd-087c-5131-94ec-097279264cde",
      "id": "CVE-2023-41900",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9f4e8e8f-487a-5e3b-853b-975143157040",
      "id": "CVE-2024-13009",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:2f292654-5c7f-5716-8c8b-72b89a5837f9",
      "id": "CVE-2024-22201",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:56ca6f8c-4d87-5eb5-868f-18eaba325521",
      "id": "CVE-2024-6762",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4b97934e-b850-5710-9f21-a5838164c380",
      "id": "CVE-2024-6763",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f64b7ccf-f651-5a45-a271-5c8182db9641",
      "id": "CVE-2024-9823",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8a938170-a2a5-5cd7-ada7-e224644d331d",
      "id": "CVE-2025-11143",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d4b66469-b4bd-5e6d-b094-1e26cfb6cec3",
      "id": "CVE-2025-1948",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d7031ebc-1160-5db8-9a6c-e2fba973331b",
      "id": "CVE-2025-5115",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:30279f78-6fb0-5160-8100-d92aaa7d21a6",
      "id": "CVE-2026-1605",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d0088091-e15d-51e0-931b-e48fc6326ac7",
      "id": "CVE-2026-2332",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:166d2fb3-eb66-56f7-86e5-f4e7da139415",
      "id": "CVE-2026-5795",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e21c8664-f864-5124-a7ad-51ba4c4a2070",
      "id": "GHSA-58qw-p7qm-5rvh",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-client@9.4.53.v20231009-tuxcare.5"
    }
  ]
}