{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:ba440d69-55b4-5177-b67d-1512b7494c47",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.1",
      "type": "library",
      "group": "io.undertow",
      "name": "undertow-benchmarks",
      "version": "2.2.33.Final-tuxcare.1",
      "purl": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.1"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:aee33d27-01a4-529d-8dfa-b2e000ebaeb7",
      "id": "CVE-2024-3653",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-3653 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-benchmarks."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:24051625-b446-5814-ba80-fb034e225ca8",
      "id": "CVE-2024-3884",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-3884 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-benchmarks."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:9b12e3a3-0698-5743-a64d-d3d239c67c16",
      "id": "CVE-2024-4027",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-4027 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-benchmarks."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:7e0dbe65-a741-5658-8667-463a5493c544",
      "id": "CVE-2024-4109",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-benchmarks 2.2.33.Final-tuxcare.1."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5d79bf46-808f-50a1-baff-390f87415b25",
      "id": "CVE-2024-5971",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-5971 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-benchmarks."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:952214e5-3554-565b-a2c5-ae992e89316d",
      "id": "CVE-2024-7885",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-benchmarks."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:834ce028-a295-5284-880c-5818b6e43994",
      "id": "CVE-2025-12543",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-12543 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-benchmarks."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:13037683-f6a1-5861-baad-3684ba6ae9ee",
      "id": "CVE-2025-9784",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-9784 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-benchmarks."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e21a7ac4-546b-5f13-aba7-76e956b46bdd",
      "id": "CVE-2026-28367",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-28367 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-benchmarks."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:eb4c9dd5-547d-52de-9cf3-d9665312742d",
      "id": "CVE-2026-28368",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-28368 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-benchmarks."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d30ce0f1-6216-5c07-a744-f4d11376443d",
      "id": "CVE-2026-28369",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-28369 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-benchmarks."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c36f4464-44fb-5533-9a3a-11c6cccca0e1",
      "id": "CVE-2026-3260",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-3260 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-benchmarks."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.1"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.1"
    }
  ]
}