{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4de1494f-b694-5889-9b29-cf382446cee0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-openjdk8-server", "version": "9.4.53.v20231009-tuxcare.5", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ad69bd20-fe1b-57d7-9ee9-dc946d3e1539", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fde512c3-614a-5a4b-81f6-8775f7ad2136", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3f2a5494-dc35-5406-a0fa-1d1806b9d16e", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d433fb72-713a-55d4-81e8-a550d72c6576", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1402171f-976b-5bc9-a175-12aabba7d5b8", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2aaaf537-7c96-5dcc-a1d6-62a3ef7f0d6e", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:531ae8f1-28be-578f-badb-e7902d4b8146", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b38ebd08-1fa3-5575-ab1b-24ffbc3907b1", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5f47f524-6b5e-5589-9a48-b9547e95a43d", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2dc6ba71-27cd-56e0-a1b5-2575ff025f83", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e28b12f5-8695-5df2-9ab3-8d5d8dda278d", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ad62e8e7-28aa-5142-9d47-445012cbb942", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bac67ae7-8c23-5792-b410-11cc017e38f5", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:893e39b6-b974-5972-bcd9-b3058c836ffd", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cfac5a52-d6ee-5b33-a814-4d367a73c456", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2dfd473d-741d-5ff0-aa86-3d30f3f04f78", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:24c38cf9-f21e-5197-8ccf-61e803d3f0ea", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e263ecdd-2aab-5c24-b678-282c2b340762", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eb713bc1-e52f-5ff4-a6ca-d4a10fac4832", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:be408a44-e4e8-55e9-be79-f0178c37d797", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty:jetty-alpn-openjdk8-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-openjdk8-server@9.4.53.v20231009-tuxcare.5" } ] }