{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bce33785-a484-5e76-b4b7-498f0d4b28c4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-alpn-client", "version": "9.4.50.v20221201-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b8709b8b-466f-505b-99db-f539d2bd3f44", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:257ef98a-b19d-5360-9856-149b62127494", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89e707d7-aec2-56ef-83f8-177856cd9671", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da309bcd-d1c5-576f-b240-38cee66e3b8a", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:404532e5-156d-5dd2-871e-23cdf8369a75", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1191169d-6ae7-5c53-ac58-e93553eb7875", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:081a04af-f362-58c3-baf6-82aab297627f", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:098f84f3-3100-5f7f-abd1-568d4aa58704", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9957a88c-5445-5b7b-9b22-3069206e391b", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8869476-7584-5be7-8686-f769f1a44649", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cbb31802-23dc-56b0-97b0-e6fa362d0e83", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c17cbd2-29a4-537a-9f66-07d8536707cd", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3afa9ccd-20bf-5902-ada9-28ac45509892", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e39c5e7-2dda-58fd-9412-65291d9e9b3c", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd9cf39b-d5ba-5486-ae60-0cb4addf57f3", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a498e287-dc67-53f8-bc7f-dc3deb803c5c", "id": "CVE-2024-8184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-8184 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69cd6686-3764-5019-a2bb-8f4cd2f388cd", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:766be0b7-87fe-5660-8b68-abd8387d53de", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad486727-5971-59e6-9076-b450bf6410f9", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a097e0b1-6c78-525b-a623-38c440bb65f5", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b12be90-5a0a-53df-abeb-8e9c939a9e95", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d85ba559-77b4-5673-bae6-b874aa44c452", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af481faf-f311-50dc-bb07-f9e228eeca31", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.50.v20221201-tuxcare.1 of org.eclipse.jetty:jetty-alpn-client." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-alpn-client@9.4.50.v20221201-tuxcare.1" } ] }