{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5edc85bc-219d-536a-9221-406e4baf5397", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.http3", "name": "http3-http-client-transport", "version": "10.0.26-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:330ea9d2-946f-5aef-af92-0a62ded15c1e", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ce54217-4fb2-5c1b-a2cf-0db94e0a3369", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7587a396-67ad-5756-868a-c902e9f9e992", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d85860d8-e4e1-51c1-8eab-c2465419d257", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:243a3047-4f7b-5df8-9d8a-d3eca6a76f8e", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75327f20-1ed5-5c5f-8fc3-92399ab42b9a", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46620348-7cc9-590a-91ea-dbfa1221674f", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d305db5d-0724-5c99-af9a-2c595092e067", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d6208e9-dfa0-5fee-8104-86c0c738ad8c", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1140de8c-da39-5848-b0d4-87da091769b0", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3ccdad39-296e-594f-a0cb-67de0e74816d", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01ed8d4d-4a09-588f-8b40-f8a85537add6", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b11d23be-1971-565c-95aa-1ec770e588de", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e80f281-10b9-5a52-8494-1b25ab6a1b65", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:921dd2ae-6dfc-5ad7-a27a-ee497b6e304d", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75545736-9304-5d06-9219-d07d7580ff24", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff3115d4-f113-59ff-9ee4-9f8124bb79dd", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce441bfc-b654-5809-9ab6-017c8b9dbf23", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-http-client-transport@10.0.26-tuxcare.1" } ] }