{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:010a2378-8db5-54eb-a21d-b193285f2928", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.3", "type": "library", "group": "io.undertow", "name": "undertow-parent", "version": "2.2.33.Final-tuxcare.3", "purl": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ad3a16d5-3b57-5688-9a73-4f9bfed0ee42", "id": "CVE-2024-3653", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3653 affects version 2.2.33.Final-tuxcare.3 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d410c3d3-a100-514a-b7f4-6910ff4de5a2", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.2.33.Final-tuxcare.3 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2d75db0-9abf-5925-9baa-6a7623b70154", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.2.33.Final-tuxcare.3 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e54c0da-22c2-5ff3-a87a-ec2e2e11a747", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-parent 2.2.33.Final-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72e79a7f-8b94-5de2-b37a-48f837ccd7bc", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.2.33.Final-tuxcare.3 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:454874a8-4c03-5224-a425-c02daa00388c", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.2.33.Final-tuxcare.3 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb31682b-3d78-5c82-a339-55870e862736", "id": "CVE-2025-12543", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.2.33.Final-tuxcare.3 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7fb05426-e2a1-5ae8-b87d-b991598fd738", "id": "CVE-2025-9784", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-9784 affects version 2.2.33.Final-tuxcare.3 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8fa919b9-0835-5c3f-a75a-a0a4bd6c21d6", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.2.33.Final-tuxcare.3 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f1f40d07-ba34-5c35-96a5-9204acfc524c", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.2.33.Final-tuxcare.3 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7a300f41-430f-5232-b738-60c42ad571f3", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.2.33.Final-tuxcare.3 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f3bbfe18-4fb9-522b-8b1d-55d001769d91", "id": "CVE-2026-3260", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-3260 affects version 2.2.33.Final-tuxcare.3 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.3" } ] }