{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0acda69e-6bc7-5d9c-8935-0e355fc84815", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-server", "version": "9.4.48.v20220622-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:09a2a826-3034-57fb-91ab-f6818e2c5bec", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:12b25858-9a6c-5a5f-acb4-dfaf33f17c1b", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:658eba73-0153-5442-92ef-559890b36048", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c541c4a8-b958-5773-b889-17ce1487cf42", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b3e0682f-1d9b-5ec5-987e-1866175b1b43", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0447c35d-896e-50e7-9667-7df1d316383e", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:517ecd6f-38ad-56d2-8730-6319692c8edf", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a7ebbd3-ba7f-5355-9269-e78699188126", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c0fa2454-abc0-5543-a14e-f3c23e73e1b6", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d81a6cec-5116-5f24-895c-5f304a219758", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4f765edb-95f0-510f-9b35-a4c09db9a002", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10951640-70d8-5d8d-adb7-c8146a0545e4", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:01b38dec-b963-5d32-aa40-f426f06c7f88", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba3865c0-5baf-5217-aede-01e5a3f55c6d", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7fab7365-9520-5333-b8d6-7fdfff9e7747", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f19e6697-c8ac-54b7-bd6b-b5652e1bcd73", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ff74c4d-7c68-5e6f-b9da-11a28d250082", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5418f87-179d-5357-ae03-45ce5b251bb2", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dc13aadb-9298-5d07-8ace-11d4ad9dd2fb", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:01d54db9-5288-562f-a451-25f8cea98517", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b4ff3630-0ae8-5db0-9832-c5d9f4aef6c5", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-alpn-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-server@9.4.48.v20220622-tuxcare.3" } ] }