{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4b2e5f85-bac2-56fa-8fad-991bfa3671c8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5", "type": "library", "group": "org.eclipse.jetty.http2", "name": "http2-http-client-transport", "version": "9.4.53.v20231009-tuxcare.5", "purl": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ce27ce49-110f-5e29-af63-74abd842a000", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4b7693b6-d752-5bf6-9128-194c5f8e32ec", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dae85c9b-092e-556e-8dad-d65f72731218", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3769c780-f1c2-53b1-8578-86eebf9671cc", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:63974d8e-fe0a-5d10-994d-9f0e62df97ed", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:101c8aa8-6d57-58fb-91e1-e1cafd3fe245", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5b1f823b-e792-5696-8ba9-e57fc8889dc9", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:332e4d36-2bb3-583f-b66b-c2eb48ba9ee6", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9ab5c75b-598e-5f88-b900-de3f7e4d2d1c", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f68c2f47-aa88-55b2-bab2-eb2cd74b531a", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b79235ae-5f17-5074-91c8-fd49060597cd", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cbac4bd5-1015-52c0-bb19-d56b3fd8dcc1", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:135f1a20-774d-5c6b-b879-acff50aed60b", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:398bc4f5-f145-5139-8fd4-b925060eca3c", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c4d4e0a4-6a72-5494-bb73-23eb26736eaf", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c84fac24-fd9e-50fe-b06e-06120746d263", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5dd9d752-e8b5-576a-9a88-09f64682f429", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ed46e2c2-6f89-59cb-ac40-0791f893f1db", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4c5dbfaf-85e5-52e3-bd5d-c1dd3489b075", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4db6eee4-b4cb-5a48-9024-a4fb3954f3bc", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.53.v20231009-tuxcare.5" } ] }