{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:34a27236-47a5-5e08-b7d0-277342a34c77", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.http2", "name": "http2-http-client-transport", "version": "9.4.24.v20191120-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a7e5eb8c-da80-5aa7-bf19-c98b12d73a32", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad140d8b-65d6-51c5-9541-4d229a4fa3d0", "id": "CVE-2020-27218", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27218 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:886841e4-782e-5921-8002-d4226613a07a", "id": "CVE-2020-27223", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27223 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dcdce69e-899a-5525-a886-1d3007c4a03a", "id": "CVE-2021-28165", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28165 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a7ca2b1d-ee8d-5f1e-979a-8ef8bbd62a30", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f46781b2-922e-590e-a100-661eb582ead9", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:364f6457-79a5-57c3-b9e5-4946b973ae6c", "id": "CVE-2022-2047", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2047 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d0f294b-31c2-5bde-98f5-8042a7544d8c", "id": "CVE-2022-2048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-2048 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ea23522-2be9-5544-bd98-99e9837d10b8", "id": "CVE-2023-26048", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26048 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4c6a329-a0dc-584a-a561-7eaf36cd9dc4", "id": "CVE-2023-26049", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-26049 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:853c6224-371f-5be1-ade8-05fb5413e5a5", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:353bcfa4-a533-51b4-9951-b413fe7a926d", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f5d7095-09c2-5210-bfed-c205d6a6bb03", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55bd2ccd-86b7-5ca4-8045-1cfda8e49dd1", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c5414a2-8ccc-5f46-977b-90bd5b5f1157", "id": "CVE-2023-44487", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-44487 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5827ce2-8bfc-510e-8ea3-b02768de6f9c", "id": "CVE-2024-13009", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-13009 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0f3262d-a59a-5288-a7d1-fd624a6cdd06", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1267a6cd-73cf-5185-8912-8b3e7b78f1d4", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a97f5a4-1254-51b3-9462-78886bc87617", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:48c68435-b839-5bd3-a277-58f223edc05f", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c96daafc-f8de-5cc3-999f-3639aa9f77e4", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:346609ac-32cf-5339-878d-a3ef72a81ef2", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ee258f3-6313-5913-809a-c21232a12cd8", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be6e7986-7fc8-5783-a15a-0ef6b6ef7c09", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.24.v20191120-tuxcare.1 of org.eclipse.jetty.http2:http2-http-client-transport." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.http2/http2-http-client-transport@9.4.24.v20191120-tuxcare.1" } ] }