{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:3145b83a-a109-51d5-a817-7e3157f28927",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.1",
      "type": "library",
      "group": "io.undertow",
      "name": "undertow-parent",
      "version": "2.2.33.Final-tuxcare.1",
      "purl": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.1"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:5e92827c-cb86-53c2-805e-d70f8c56f3cc",
      "id": "CVE-2024-3653",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-3653 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:688b27f0-e05e-5006-abde-c9245ff32451",
      "id": "CVE-2024-3884",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-3884 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:809e37f2-4c76-5b99-8880-2baf4bc2fa13",
      "id": "CVE-2024-4027",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-4027 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:5d54842e-e3e6-50ea-b56b-a3e82250b2f8",
      "id": "CVE-2024-4109",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-parent 2.2.33.Final-tuxcare.1."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:32585f36-0b33-5f20-9c31-172862108df1",
      "id": "CVE-2024-5971",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-5971 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:82a892e3-1999-57ae-876b-47ee92db98c1",
      "id": "CVE-2024-7885",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:43574d74-08f4-5656-977f-566ab0e84b34",
      "id": "CVE-2025-12543",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-12543 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f60ca667-5ca1-59a5-ae8f-52e3a30cbf0a",
      "id": "CVE-2025-9784",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-9784 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:01921f7b-3d5f-5d66-b626-1b133ea127b4",
      "id": "CVE-2026-28367",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-28367 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e0ef5bb4-9085-52cd-b4e8-4a1171f207c8",
      "id": "CVE-2026-28368",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-28368 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:869293b2-efb9-5c89-af04-7ac05fe59218",
      "id": "CVE-2026-28369",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-28369 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:89828c76-4d4a-5fe3-a20b-fe2fb05e9c0c",
      "id": "CVE-2026-3260",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-3260 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-parent."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.1"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.1"
    }
  ]
}