{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:aa7fe840-0603-5c49-bafe-f19730bcf51c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1", "type": "library", "group": "org.eclipse.jetty.demos", "name": "demo-async-rest-parent", "version": "10.0.26-tuxcare.1", "purl": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f5fbab9e-2a7c-58f2-a7f2-2e24fa7e7f72", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:214fdb14-d6f2-58bb-8218-6a1d395da2f3", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ee2d790-748f-5ade-b35d-3c66c08e15e4", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:42800913-1e17-55cd-9583-6ac6f26d760b", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72c12bd1-74f0-503b-833e-774ef5bc9cb3", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70012d13-c587-5521-899d-69f4b71641c9", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29410e8a-d277-593b-a516-eab0cc2b7c36", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a5fe491-4987-5f04-a555-9f605d09de7c", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5fd15034-3378-5353-a820-95de7cbdc65e", "id": "CVE-2024-22201", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-22201 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4280054-2e2c-5e24-a65d-90f5de4450b3", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7e3d300-44cd-5b95-966b-9f9af1c27f0d", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d80f835-8618-53b5-8c6d-3da27d2f804a", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad59976a-a90d-54d6-a8f8-75c84bb18568", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9a79d797-604c-598c-a132-8490c10f54d9", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0614d7bd-d134-5c53-a2a6-ef34de1dc4b0", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ab75dfa-6daa-5101-9a26-2e770853e470", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2db4f1a6-d52b-5f58-9918-56ead5ec5752", "id": "CVE-2026-5795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-5795 is fixed in version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a8a25c3-4e82-5a97-8767-671fe5067156", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 10.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-async-rest-parent." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.demos/demo-async-rest-parent@10.0.26-tuxcare.1" } ] }