{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0bfeb076-79a5-59ee-a9de-a4606ec3225e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5", "type": "library", "group": "org.eclipse.jetty.http2", "name": "http2-common", "version": "9.4.53.v20231009-tuxcare.5", "purl": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c1d74531-04c5-55e5-9af7-fad9d0b68c6b", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4cf635ba-ebf6-586d-93be-95b735591226", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:715320a2-8a89-5665-9b13-27fdca23568d", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d8cc38c-4d4f-5006-b01a-27e1b65fc1d5", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e733f672-b46e-5312-8799-216647891f7e", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:915c4bad-2f88-581b-8c2a-df96490d0ec7", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5feec807-a252-5196-ade7-41607b0aac6f", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3ecf8547-c8e8-5aa0-97d7-e501c0601777", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9a224b55-d5c0-50e4-b743-8626f89d7464", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cc68c1b5-9c5c-52a8-b368-e4e18ab8936b", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9d8eb43c-efbe-5349-801f-f30484c510f3", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d901bd94-1e5a-5c46-b5bb-76345c115bdf", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:db9283d0-0588-5c49-a879-ecec53371bda", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1c51d630-f5ba-516a-8370-d9283cf72dd7", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aa012d88-cc4d-5caf-b3b6-ee9f3c24eefc", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:89f61df7-0f85-5a30-86b9-162db993665a", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:60b903f3-472e-5356-b6d3-7aaa999a0544", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:de742c96-5657-5382-a4a7-82521f7de368", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e3dd4461-0811-517f-8e1e-6d00a194b472", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ea95762a-5b15-56bf-b3a8-d546d0616ca1", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.53.v20231009-tuxcare.5" } ] }