{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:5c26bad1-3bc4-53f3-a4e9-76129f7b5361",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/org.eclipse.jetty.demos/demo-jetty-webapp@11.0.26-tuxcare.1",
      "type": "library",
      "group": "org.eclipse.jetty.demos",
      "name": "demo-jetty-webapp",
      "version": "11.0.26-tuxcare.1",
      "purl": "pkg:maven/org.eclipse.jetty.demos/demo-jetty-webapp@11.0.26-tuxcare.1"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:9f48140f-7e68-5a93-a0f9-ac3faef8b132",
      "id": "CVE-2023-36479",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2023-36479 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-jetty-webapp."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.demos/demo-jetty-webapp@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5b40f687-0ab5-5a36-bbb2-c5ebbe1d7c4e",
      "id": "CVE-2024-22201",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-22201 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-jetty-webapp."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.demos/demo-jetty-webapp@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a31324da-3a82-5421-8a4a-d4f2c7bbf397",
      "id": "CVE-2024-6762",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-6762 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-jetty-webapp."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.demos/demo-jetty-webapp@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:0bdff278-8b6e-5aeb-ae7d-cd5b780e54a7",
      "id": "CVE-2024-6763",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-6763 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-jetty-webapp."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.demos/demo-jetty-webapp@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f8112779-cf03-5110-b0a1-0edca62b99cf",
      "id": "CVE-2024-8184",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-8184 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-jetty-webapp."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.demos/demo-jetty-webapp@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a82e9f85-d0c9-5ee5-bacb-9ad60bb244d4",
      "id": "CVE-2025-11143",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-11143 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-jetty-webapp."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.demos/demo-jetty-webapp@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1163fba6-d8f5-5d52-a31d-b2754a455981",
      "id": "CVE-2025-5115",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-5115 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-jetty-webapp."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.demos/demo-jetty-webapp@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a9ac19d2-6b08-5427-9afb-d7f51a7fdea4",
      "id": "CVE-2026-1605",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-1605 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-jetty-webapp."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.demos/demo-jetty-webapp@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:47ee81a3-c9be-5b76-81ce-3b27f4a1bccc",
      "id": "CVE-2026-2332",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-2332 affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-jetty-webapp."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.demos/demo-jetty-webapp@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ed25db62-5806-5b38-8648-cc5d8b2f2859",
      "id": "CVE-2026-5795",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-5795 is fixed in version 11.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-jetty-webapp."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.demos/demo-jetty-webapp@11.0.26-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1c49a1f6-68d2-5e1a-85c0-7cd408ace21a",
      "id": "GHSA-58qw-p7qm-5rvh",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 11.0.26-tuxcare.1 of org.eclipse.jetty.demos:demo-jetty-webapp."
      },
      "affects": [
        {
          "ref": "pkg:maven/org.eclipse.jetty.demos/demo-jetty-webapp@11.0.26-tuxcare.1"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/org.eclipse.jetty.demos/demo-jetty-webapp@11.0.26-tuxcare.1"
    }
  ]
}