{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:745d1b18-ee7e-5a6a-9887-fe4ad6b97ed9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-server", "version": "9.4.48.v20220622-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fc2f919d-a8ae-552f-9ae8-fb57efca9409", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a949bcd-8356-5e8c-9482-891f37749f97", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d6555a0-128b-53dd-a839-2a4868b684fb", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9894e8dc-55b3-5c73-8450-c2f935e884a2", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ac8fece-1997-5cf2-b9c1-c2d85ec4ef88", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16d5f1ea-18dd-58ea-8bf1-08f49993199c", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:937d349f-503b-5652-95b1-a9e17bff0ea3", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c386e8a9-4103-5513-a1a0-4be3fd4741e4", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f01545b-a1ed-5a38-81b6-27809ac5ad9f", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff25f3bb-576a-5bd0-814a-82ea98a2e5a2", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b33e2a1-dbb8-5513-a83f-5bbbe1531ecb", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e85e4b99-1201-5fdf-83e5-f162ab9b1407", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c30c799-47d5-529f-a8cb-692c6857970a", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e30bdeb-5c96-5710-b837-12b17e56d8ba", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e003ff0a-9ee5-5e3b-a69d-5fb79bc59fb2", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6eeab23-d3bb-5b83-b16f-1a2ad433bded", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0101a669-9742-5b2c-84f5-549228d69903", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1463a1a1-a37d-5d88-831f-095ebce84637", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f53f433d-b5ce-52f2-ace5-b473d4b15001", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f4312b8-4c72-5807-be75-ca6ec232e4f7", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:72dc4515-87dc-5bdb-9448-334eaeebd82b", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.2 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.2" } ] }