{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ddc70dc4-9297-5d5d-9841-2dc3007db9bc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.4", "type": "library", "group": "io.undertow", "name": "undertow-benchmarks", "version": "2.2.33.Final-tuxcare.4", "purl": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:59f71d2b-ce3a-59ca-a923-75fa74b4c3d7", "id": "CVE-2024-3653", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3653 affects version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9319b875-b489-5346-9500-453e922e5648", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2bebab8e-97a1-51de-9af3-ef5d50ea701c", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:077e82a3-ef9e-5f48-9c73-6131d2917634", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-benchmarks 2.2.33.Final-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:965a5ecd-2325-56a4-bc56-b8987fb1421f", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:15b7406c-bfa3-5cd5-83cf-5be7b0f0bf8e", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fa3fe95c-a912-544b-9957-8868d37a377d", "id": "CVE-2025-12543", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9ed6cf98-d87d-54fc-8a0f-4cb44db9b67c", "id": "CVE-2025-9784", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-9784 affects version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5f5661f3-943f-5198-83ff-4da610e7ce2d", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:757f0b44-c0eb-5595-9c61-0e98cbbd34b4", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2c2ca7e2-4c7f-5e20-b3af-926b1f20482b", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0856627c-a6d0-52a0-a190-8669fb0338b5", "id": "CVE-2026-3260", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-3260 is fixed in version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.2.33.Final-tuxcare.4" } ] }