{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:53d150e8-3a06-59ab-b2e2-abf335e32173", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.http2", "name": "http2-parent", "version": "9.4.58.v20250814-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c80c4c3f-e714-5272-9cad-0a9754f66aad", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c18a673-d0ae-5710-a4f3-377c57cdc458", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f622428a-19f1-58f6-8417-560b41c554a9", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a90c53b-d088-5fe7-9fff-60ef5899cbcf", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fee6fef0-4881-55f7-b0af-ae0d324caba8", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae7f5304-4aba-517a-8fba-e8a6dcae01c9", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b7e790d-de5b-592d-a0bf-f9b7dc79869e", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:753ce71c-cd05-5296-8ce0-3de3f4cf36ca", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51ecb093-bf68-542a-8ec2-0971829e4fc6", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5dbfb7d0-9756-5a6b-87c6-956c4c93a4f5", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ba70d46-e092-563b-9449-a3abc125a970", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27a3dd82-2213-52f6-8692-4ea8c4905a5d", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3ead3ae-edd7-5b39-92ce-52d5a1983ec7", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3fcae2d-eaa5-5a0c-8297-092b21243613", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:127bd21b-111e-528a-9b20-d4e4ffd77555", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:803dc2c8-bbc7-5641-bc85-99d30e1eef11", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5dd07003-b1db-5a1c-9d02-c2a3d27acc79", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.58.v20250814-tuxcare.2 of org.eclipse.jetty.http2:http2-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-parent@9.4.58.v20250814-tuxcare.2" } ] }