{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:f55cf62f-e091-5493-ac80-43dddcc79cc1",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@11.0.19-tuxcare.2",
      "type": "library",
      "group": "org.eclipse.jetty.http2",
      "name": "http2-client",
      "version": "11.0.19-tuxcare.2",
      "purl": "pkg:maven/org.eclipse.jetty.http2/http2-client@11.0.19-tuxcare.2"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:673860c1-e01a-58a2-9b51-cd58c9ee8432",
      "id": "CVE-2023-36479",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-36479 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1a7fb740-ec0b-5b95-ab8d-fb5669e8a650",
      "id": "CVE-2024-22201",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22201 is fixed in version 11.0.19-tuxcare.2 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:3e90701c-2b61-545f-a751-779665eb4899",
      "id": "CVE-2024-6762",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-6762 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ef55911b-848b-557e-acf5-0b58306edcb1",
      "id": "CVE-2024-6763",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-6763 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:eea28b65-7fbf-5739-844a-9727e8cdd543",
      "id": "CVE-2024-8184",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-8184 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d133784b-6d5a-5a40-aef6-a470aa772453",
      "id": "CVE-2025-11143",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-11143 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:80516b3c-280f-5a5d-8f49-8c9d9637aa4e",
      "id": "CVE-2025-5115",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-5115 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9e32cfe4-b27c-50d5-a4b0-7b30552d739e",
      "id": "CVE-2026-1605",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-1605 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:16f44270-f646-5058-b42a-88f89c3aadf9",
      "id": "CVE-2026-2332",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-2332 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:844c53c6-f35a-5f2a-b4df-67c238af0b40",
      "id": "CVE-2026-5795",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-5795 affects version 11.0.19-tuxcare.2 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@11.0.19-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:eb8ac217-0671-5bbc-bb24-2510e514ddf1",
      "id": "GHSA-58qw-p7qm-5rvh",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 11.0.19-tuxcare.2 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@11.0.19-tuxcare.2"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@11.0.19-tuxcare.2"
    }
  ]
}