{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2044e5b1-b06d-5d75-b6b7-bfb2b71b3d82", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-alpn", "version": "9.4.53.v20231009-tuxcare.5", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:398b6077-d7e4-58af-9912-834c60ab9030", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:30fcc4e0-d36c-5f85-bfdc-e2a568a645d6", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d755df79-6b37-5357-8f07-d7f0797b3c23", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b8fb8da3-1231-5305-8beb-bfb67b8bf376", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:539d5ade-3d2c-593b-9870-9ad3355f016b", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6592c1e1-a4d2-5b1c-806c-db5968c0aa3f", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f1409f94-2946-590a-b5c0-e601aa10149f", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:73981fc9-390e-5add-9b4f-2dd7a8745a57", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ee93c1ac-4226-5d38-8080-5dcee08e2062", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:359e2a02-3776-507a-b6d8-8a241bc7cf26", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6b0cbe4b-3445-5cc0-98c5-eac2b5e3a02c", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a6fd9323-2006-55aa-922b-bb8aca82d32c", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:430236b5-d752-5709-90f5-9cb849b414ee", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0f6cc3eb-c189-5cf9-a2a4-3ce285e9e999", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4610e8b0-14ff-5fc9-a36a-7cad8693b53d", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:45030bea-b0bd-5670-9038-696f80a8fb61", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4dad0db4-ef96-557b-9a84-86feb1608689", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:41aa149f-ec85-55fd-9190-cfb1e900c8ac", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5efc961a-ebeb-5c5d-826a-c305dd969121", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1b008bb6-7e6e-5c95-81c2-267c504d3c87", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.osgi:jetty-osgi-alpn." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-alpn@9.4.53.v20231009-tuxcare.5" } ] }