{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:42f198dd-2e0d-5e7f-b6fc-4ecd7279b957", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.http2", "name": "http2-common", "version": "9.4.24.v20191120-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2cdf0f22-958a-54b9-9f97-bdfc009ee5b5", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b6d777c-b972-5c56-bb81-ec5b8631d9b7", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c581446e-0c84-5b47-97a8-43d2fcea2630", "id": "CVE-2020-27223", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27223 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11027d23-0d1f-51d2-b442-7a76d0acea48", "id": "CVE-2021-28165", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28165 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00dbe973-49b5-5daf-87be-484f9844f399", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f8ec415d-5aee-5012-8c4a-b8d14fbb0e78", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f33854c-2ed3-5207-a191-13ffe5560996", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba9eb820-be0e-5380-9273-54ce0dd77946", "id": "CVE-2022-2048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2048 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0ee069a-2697-5121-896b-9adf53f4371c", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:239e9cd8-7b65-506b-ae46-911efed39bbe", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50833572-0132-516a-9288-f01d4470b1e7", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b826ce57-9e6f-5ac7-93b0-722c8f1c93fe", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbd9da89-2ac3-5f68-a803-e632021da40f", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6058b984-e7e3-5e22-b71d-60cdd2927983", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77b08820-9773-5845-a81e-394852a85c74", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a3f56d7-7999-5b9d-8685-c8f0fe311c09", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50fc3bcc-3e27-5e8a-bf57-81bae7d74156", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:177bc8d3-0c0c-533b-8c34-4bbcb3386213", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e7f6c21-8162-5cd7-b8a2-584d2ec90f6e", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23c6bd23-4db7-5762-9b6b-970878e8b7a5", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4baa60b-5997-5482-8950-adf578482a55", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af03134d-fb40-587e-aa85-ac263f8f1249", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c99679f-4eca-5cd2-9474-2c58b9e96895", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba95c9a9-4d5a-5878-acdb-7c9cacb5ff28", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-common." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-common@9.4.24.v20191120-tuxcare.1" } ] }