{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:170aff79-746e-5ba4-b957-9fe5be528c69", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.4", "type": "library", "group": "io.undertow", "name": "undertow-parent", "version": "2.2.33.Final-tuxcare.4", "purl": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9653ad74-5f63-51b4-97bb-5118a81d160f", "id": "CVE-2024-3653", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3653 affects version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df12c858-8a8a-5d01-b15f-a3ec803b008c", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:223292d2-13f2-5459-8cce-6fe20f03f581", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8fd9a1c5-53ea-5895-a40c-6559f3353550", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-parent 2.2.33.Final-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f38dd207-d5ed-53db-b7f2-7182a0e1af94", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:36bd2b3a-6f17-51db-bdb1-a7da84766829", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:092c1f6c-e8d3-56a0-8205-6b06c2561131", "id": "CVE-2025-12543", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d03f8895-bbe5-57cf-bec7-fff15f2cda51", "id": "CVE-2025-9784", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-9784 affects version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:045fc92b-fe1b-50ba-8ea5-f17c45c31c06", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:215b8a50-08be-5159-b476-71acea31c5a7", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a29d882-7d67-5d32-9d74-03c052a7bc6b", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:93d7f7ba-0929-56fa-a0cb-78e6adf58202", "id": "CVE-2026-3260", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-3260 is fixed in version 2.2.33.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.4" } ] }