{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:3b120c03-1d45-58b2-bc37-868182019161",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/io.undertow/undertow-dist@2.2.33.Final-tuxcare.5",
      "type": "library",
      "group": "io.undertow",
      "name": "undertow-dist",
      "version": "2.2.33.Final-tuxcare.5",
      "purl": "pkg:maven/io.undertow/undertow-dist@2.2.33.Final-tuxcare.5"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:ae116863-3840-5190-9ebb-d82451e1ce72",
      "id": "CVE-2024-3653",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-3653 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-dist."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-dist@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4de58e03-6e1c-5577-a157-88a6483e0f4a",
      "id": "CVE-2024-3884",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-3884 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-dist."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-dist@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:88475d06-8d04-572d-90d8-8c9f3d215c44",
      "id": "CVE-2024-4027",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-4027 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-dist."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-dist@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:05642616-abcf-58c6-9588-bbf4dcc6a5c9",
      "id": "CVE-2024-4109",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-dist 2.2.33.Final-tuxcare.5."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-dist@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:d44858d8-695c-5099-8383-b9f0587a5ebb",
      "id": "CVE-2024-5971",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-dist."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-dist@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:254aeb46-c502-520f-abfd-b42171aad073",
      "id": "CVE-2024-7885",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-dist."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-dist@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:4c2a5ecb-08a0-5a41-8a2d-1ea8a7784a87",
      "id": "CVE-2025-12543",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-dist."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-dist@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:546e1db1-74d5-5929-8f9f-f48d4b5a0f58",
      "id": "CVE-2025-9784",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-9784 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-dist."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-dist@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:859235fc-7838-576a-8a61-71be49f87f17",
      "id": "CVE-2026-28367",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-28367 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-dist."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-dist@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f281075d-8e8c-5d0d-b618-8693b1471ae6",
      "id": "CVE-2026-28368",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-28368 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-dist."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-dist@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f28652bc-4a3a-5cae-a760-72bae46f5961",
      "id": "CVE-2026-28369",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-28369 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-dist."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-dist@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:df5e2420-e6ec-566e-9be6-aef1393afc33",
      "id": "CVE-2026-3260",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-3260 is fixed in version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-dist."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-dist@2.2.33.Final-tuxcare.5"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/io.undertow/undertow-dist@2.2.33.Final-tuxcare.5"
    }
  ]
}