{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:c6688791-20e0-5160-8f0d-b0fe8e68abfe",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1",
      "type": "library",
      "group": "org.eclipse.jetty.http2",
      "name": "http2-client",
      "version": "9.4.48.v20220622-tuxcare.1",
      "purl": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:6b7f9b49-aaa6-5119-88b2-b5bffeda0dad",
      "id": "CVE-2020-27216",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:26c18b18-3a4d-52db-8a48-4b1d3812a0a6",
      "id": "CVE-2021-28169",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0327d478-3c26-57cd-889c-b5b06ea05f4f",
      "id": "CVE-2021-34428",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:19c31530-065d-5c49-b32a-aff36004846d",
      "id": "CVE-2023-26048",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:45c1ea37-9b6f-55b0-96e8-981a9cba501a",
      "id": "CVE-2023-26049",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-26049 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:09fcd2a9-fd0b-58de-b803-f155bff51dbd",
      "id": "CVE-2023-36478",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:242b1c42-003a-5d25-af34-57b0924929d1",
      "id": "CVE-2023-36479",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-36479 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:617fa23b-43de-5009-b395-37954b75ea64",
      "id": "CVE-2023-40167",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d8af29d3-bffb-5456-9c76-15438339088b",
      "id": "CVE-2023-41900",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-41900 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:cff3e352-c850-5f85-8dec-58526c1ec245",
      "id": "CVE-2023-44487",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-44487 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f3549d42-8de4-516e-941f-1a73dff65e5b",
      "id": "CVE-2024-13009",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:60d480d5-62a2-5e75-8be7-a55ca1ba1fbc",
      "id": "CVE-2024-22201",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:37997cfa-d88e-5639-8107-1f7e92465848",
      "id": "CVE-2024-6762",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:00d9f4cc-cb7f-5040-b38d-941f8c1bd88c",
      "id": "CVE-2024-6763",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6b2aefa8-5100-52f6-99d8-0a67356ede3e",
      "id": "CVE-2024-8184",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6bb3f143-d7d1-57ba-adf7-b671cac64ccc",
      "id": "CVE-2024-9823",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:90ee473b-6144-572f-86d8-5caef754f78c",
      "id": "CVE-2025-11143",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4846ce4b-0472-5875-844c-18d602466544",
      "id": "CVE-2025-5115",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-5115 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:35bedc44-f9cf-5a11-aadc-6a8b8a4157ba",
      "id": "CVE-2026-1605",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e0ab07ff-0ad3-5453-a356-ac3e697f7888",
      "id": "CVE-2026-2332",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:48cb9ebb-1765-53dd-ad52-675b32a837bd",
      "id": "GHSA-58qw-p7qm-5rvh",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.48.v20220622-tuxcare.1 of org.eclipse.jetty.http2:http2-client."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.eclipse.jetty.http2/http2-client@9.4.48.v20220622-tuxcare.1"
    }
  ]
}