{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:219f6eaa-8767-58d9-bd23-f414541070a4",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3",
      "type": "library",
      "group": "org.eclipse.jetty.http2",
      "name": "http2-common",
      "version": "9.4.48.v20220622-tuxcare.3",
      "purl": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:992afb75-5f98-5d56-aea3-d727bdc0cedf",
      "id": "CVE-2020-27216",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0b4dda9a-9f4a-5331-8816-243930c4fc59",
      "id": "CVE-2021-28169",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a769f49c-e25a-5b17-aa31-53398db564b1",
      "id": "CVE-2021-34428",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:252f54c5-e988-5f16-b9d3-3f54450f9826",
      "id": "CVE-2023-26048",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6c826d8a-7cb9-5025-aab0-65a5b925d4fc",
      "id": "CVE-2023-26049",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5cbf84ef-0c33-5559-884e-98f6fbce1de3",
      "id": "CVE-2023-36478",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:dc3d8b9a-58f4-5c26-8f1d-bfbcf331c1b0",
      "id": "CVE-2023-36479",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7b32e63c-5ce6-547e-a9c3-9bc8f6dc15f7",
      "id": "CVE-2023-40167",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c2512eba-db43-58c8-b64c-e0595f499faf",
      "id": "CVE-2023-41900",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e0439d40-425a-555d-986a-150052f81f79",
      "id": "CVE-2023-44487",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:102ea710-4ea6-5a25-8476-e84a9542fb00",
      "id": "CVE-2024-13009",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9dd1d91d-894d-5f9a-81e7-660d7d659412",
      "id": "CVE-2024-22201",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e9a2e8e5-e281-53f2-8da7-b38a585bf601",
      "id": "CVE-2024-6762",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:32920a00-2326-55e2-bc62-1ca1ef212e51",
      "id": "CVE-2024-6763",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:21e1f9fc-f57c-59bc-bdce-3f33cae68f86",
      "id": "CVE-2024-8184",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:eedfef2c-5f08-5ab1-b9d4-dfaf9ffa329d",
      "id": "CVE-2024-9823",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:371de0ff-ee82-57a1-8932-97a2faea0343",
      "id": "CVE-2025-11143",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c1459162-dd7c-513d-bd80-28bd55268379",
      "id": "CVE-2025-5115",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ccabc126-caf2-5a8d-b9b0-88cb79120c8d",
      "id": "CVE-2026-1605",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:56ac136c-0d4f-5f70-b3af-00f8f9c5f374",
      "id": "CVE-2026-2332",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:10808096-9b50-578b-87f6-bce635f0af54",
      "id": "GHSA-58qw-p7qm-5rvh",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty.http2:http2-common."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.48.v20220622-tuxcare.3"
    }
  ]
}