{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:02298990-96b4-551a-a611-d46998569260",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.1",
      "type": "library",
      "group": "io.undertow",
      "name": "undertow-websockets-jsr",
      "version": "2.2.33.Final-tuxcare.1",
      "purl": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.1"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:353e6fc2-4cc1-5ffa-8759-a8b982c679e3",
      "id": "CVE-2024-3653",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-3653 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:23e705db-69c0-570c-b000-142035759780",
      "id": "CVE-2024-3884",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-3884 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d9107f64-132a-5102-9e5c-a9caa0c97b1d",
      "id": "CVE-2024-4027",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-4027 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:41ccdfb1-d612-595e-9d11-515816ffbf8a",
      "id": "CVE-2024-4109",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-websockets-jsr 2.2.33.Final-tuxcare.1."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:c3104c47-2272-5306-955f-2c762bba82ea",
      "id": "CVE-2024-5971",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-5971 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e844b3d5-6b1b-5468-bff7-b893bc0fc238",
      "id": "CVE-2024-7885",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:97bca3af-eefd-5d42-943a-894dd6ca2c44",
      "id": "CVE-2025-12543",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-12543 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d970dbcb-7f24-5630-81a4-2de3a86253dd",
      "id": "CVE-2025-9784",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-9784 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1f01046b-9964-5e1b-8199-904a82278c9f",
      "id": "CVE-2026-28367",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-28367 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8c906a54-1173-55b4-a625-ce2b9bb40fdc",
      "id": "CVE-2026-28368",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-28368 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:a3bf14b1-9918-5981-8d7c-725859d22ed8",
      "id": "CVE-2026-28369",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-28369 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.1"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4df395f3-1d10-5d6c-996d-5238dde56fe8",
      "id": "CVE-2026-3260",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-3260 affects version 2.2.33.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.1"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.1"
    }
  ]
}