{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:6a0ea130-217f-5982-bb25-3dd124f8dc9f",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@11.0.26-tuxcare.1",
      "type": "library",
      "group": "org.eclipse.jetty.http2",
      "name": "http2-parent",
      "version": "11.0.26-tuxcare.1",
      "purl": "pkg:maven/org.eclipse.jetty.http2/http2-parent@11.0.26-tuxcare.1"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:0a5f9f37-4a15-5072-a878-556739cca9d1",
      "id": "CVE-2023-36479",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-36479 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.http2:http2-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bcda76e6-a8c7-5a11-9ed6-ac02100907fd",
      "id": "CVE-2024-22201",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-22201 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.http2:http2-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d622e411-1be9-5b3e-b875-184aa0976d95",
      "id": "CVE-2024-6762",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-6762 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.http2:http2-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f53a394a-e750-567e-bf6c-d9e3e403d544",
      "id": "CVE-2024-6763",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-6763 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.http2:http2-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:05e51346-15a1-5c44-aa69-5df7e7ae6bb1",
      "id": "CVE-2024-8184",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-8184 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.http2:http2-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c3d74e15-7805-501a-8d0a-33043c790b4a",
      "id": "CVE-2025-11143",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-11143 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.http2:http2-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ef53f5d2-f70b-5914-a224-0371cd2828e3",
      "id": "CVE-2025-5115",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-5115 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.http2:http2-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0b6a5fc2-e8e5-5a9b-a419-300f6c804a6a",
      "id": "CVE-2026-1605",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-1605 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.http2:http2-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:95758e0e-3e9c-5609-87a3-f5131cc12125",
      "id": "CVE-2026-2332",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-2332 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.http2:http2-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:26bf8895-57d7-5856-a737-a1e125b1d486",
      "id": "CVE-2026-5795",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-5795 is fixed in version 11.0.26-tuxcare.1 of org.eclipse.jetty.http2:http2-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4e98c397-a489-52e8-82d5-4c221c1c686c",
      "id": "GHSA-58qw-p7qm-5rvh",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.http2:http2-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@11.0.26-tuxcare.1"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@11.0.26-tuxcare.1"
    }
  ]
}