{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b7607aa9-9950-5b50-883a-8ced0a6ac6ff", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.http3", "name": "http3-parent", "version": "10.0.26-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1bb6dee6-eae7-5eca-8ab6-83e9562b5030", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00d281ae-7ccf-5fa6-9965-98b5bf411c06", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ece5a742-f294-5e93-af00-731965d09f41", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed4f9387-6edf-5fef-84fb-bb29a1e5a8b8", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38e6670b-8d57-5a78-99aa-3aa5f30d1661", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a01898df-3bdd-5b84-8f58-552c22536e53", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63c60ebc-ff17-52a1-bb79-f4791d0ad060", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b69ad09-651f-5c94-ba99-daa2f1193f81", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b26c286-c997-5ad6-9ce8-a63bb0e34696", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5a27863-7b2e-5c99-b25b-4294540474a2", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d90177c1-ef80-5cb5-8a55-4c2f2713343d", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12d6861e-d45e-5495-93b4-53de7a903fb6", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb554a20-2041-56f3-bae6-5225972a7571", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5b21809-e8d5-5e41-89b9-fbc4af9c3090", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc0c6771-a689-5b5d-a6de-66d603631a2b", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1b1edd2-1a18-565a-8305-e9972a99b724", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15a6b14c-f070-5d33-b230-baaf9fc64b2c", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42424d1e-57df-5838-9b36-4af25e0097fc", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.http3:http3-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.http3/http3-parent@10.0.26-tuxcare.1" } ] }