{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dc067260-caa8-5cab-8ee0-fbae721bf30d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-server", "version": "9.4.48.v20220622-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:34342f50-1de5-5776-bf5a-1f5aa339350a", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da927c35-702b-59e7-82ac-f8dbbf0caefb", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f70a7c8-7a8d-50fa-8a96-9163ac7ab375", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf4646bf-cc7a-5019-89dd-59eeb472bf9a", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6dfac1b1-e048-50d9-9541-4e11995ea12a", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb2d4de6-cb22-53b3-9846-850c6a2bb0b0", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ec28b76-631a-508f-9699-89880d1ea171", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98554600-4201-5bbe-a952-cc3186018d7b", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85b68dac-e745-5e8c-841a-28b48d5b2362", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:47b8982a-58dd-5438-9bf2-79f83ba3f784", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b777c7c-21e1-5e2e-900e-fabd237f2143", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e585e86-f5c5-53fc-aa19-60ce041a7557", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36b041ab-0407-5285-ab52-ce467266f7f1", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:443a95c0-8d16-505a-81f9-4ab0cae2625a", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:123d876c-9187-53f9-bab1-f17007b12b0a", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ce4db65-f148-5b41-a53b-2abe7fd8c421", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:548ef66e-515c-5419-b45f-224cc833acc0", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2029e1e-3954-5a09-84ad-97aa52df8604", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bace71eb-a610-5acb-9d94-b470aa755414", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:02d78118-2d30-5681-bf93-ceeb14cd6f0c", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:913250d7-e9f9-57a8-b22f-aaa3feb720c4", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.1" } ] }