{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:cbfd5424-6aa4-5143-8007-4525930976ef",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.5",
      "type": "library",
      "group": "io.undertow",
      "name": "undertow-websockets-jsr",
      "version": "2.2.33.Final-tuxcare.5",
      "purl": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.5"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:b4bcafba-c231-5840-af9e-11cc4af04bda",
      "id": "CVE-2024-3653",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-3653 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ee63c5f8-50e7-50a1-81d3-5ae3d313c4be",
      "id": "CVE-2024-3884",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-3884 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ece8f676-42be-53b1-ab17-ca1f0fe24976",
      "id": "CVE-2024-4027",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-4027 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:fd5d4e58-3dfd-5a93-ad4e-62a5a6e0a2ff",
      "id": "CVE-2024-4109",
      "analysis": {
        "state": "false_positive",
        "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-websockets-jsr 2.2.33.Final-tuxcare.5."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:1d5f0d7f-bf63-5600-bc2c-57a9da113904",
      "id": "CVE-2024-5971",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:e5fb5a85-9111-5a69-99d1-f1dd9d3cc35a",
      "id": "CVE-2024-7885",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8e2bd791-2034-5a70-bce7-ba38b32107d2",
      "id": "CVE-2025-12543",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:fe81bcea-d01a-5aef-9baa-d16b970c9e05",
      "id": "CVE-2025-9784",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-9784 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:749eaa5e-f8b8-5993-8be4-a2bf1a88addd",
      "id": "CVE-2026-28367",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-28367 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ddffbed2-1eec-5334-9424-25283d746e93",
      "id": "CVE-2026-28368",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-28368 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:06b6ca94-3844-5a3b-a288-83a88fae02be",
      "id": "CVE-2026-28369",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-28369 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.5"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:cb5c1710-daa4-5bef-9765-05318d98b463",
      "id": "CVE-2026-3260",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability CVE-2026-3260 is fixed in version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-websockets-jsr."
      },
      "affects": [
        {
          "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.5"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.2.33.Final-tuxcare.5"
    }
  ]
}