{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a2355dea-a95c-5ab6-b175-25b407f05722", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5", "type": "library", "group": "org.eclipse.jetty.http2", "name": "http2-parent", "version": "9.4.53.v20231009-tuxcare.5", "purl": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c6e600c4-541d-5366-8c95-804dae987dd3", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6724b839-866f-56d7-9513-8ebe1bca88bc", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:88904ed5-7233-5cdb-b588-02c19c1d7283", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e66aaff9-926e-567e-8673-36c2101d52e8", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aead3819-336c-5720-8848-6d8f79cbe1af", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9417e069-48b9-508f-a6b9-bd17ee6d005e", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c3e871bb-9f48-533d-a9ec-bcef50d66afa", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0efea075-eda1-5fdf-b859-ce6b964ecea2", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bbb1fb5c-4248-52e4-a12b-2df1aa866af3", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9d5ec031-9860-5684-865c-5bdb8fd273df", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:38fad597-dc64-53c1-8f64-3212e6063aca", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5c0852be-8c20-500d-99f8-4c5a2dc4e501", "id": "CVE-2024-6763", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6763 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cb23d0bc-e6e2-59fb-8393-6b51f8e7bd66", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:549f945c-c45a-5ae3-80c5-525399e97de7", "id": "CVE-2025-11143", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-11143 is fixed in version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a01c789d-19fe-5009-b0db-ff08b213790f", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eff7294d-8120-5511-89ee-94f41699d83a", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:34017fbc-dd8c-5921-bcdf-fe3e1406f556", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5bf0fa20-b5ff-5259-bef1-c1ee976d5951", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6c201bd0-f491-5037-bbbb-efd8fe4811cc", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bd77e035-7c2b-5239-b51c-1fd3f0cbc5c5", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.5 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.53.v20231009-tuxcare.5" } ] }