{
  "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json",
  "bomFormat": "CycloneDX",
  "specVersion": "1.6",
  "serialNumber": "urn:uuid:32ba2ae0-b046-592d-96d9-d6202f73b408",
  "version": 1,
  "metadata": {
    "tools": [
      {
        "name": "tuxcare-vex-generator",
        "version": "1.0.0"
      }
    ]
  },
  "components": [
    {
      "bom-ref": "pkg:npm/undici@5.28.5-tuxcare.2",
      "type": "library",
      "name": "undici",
      "version": "5.28.5-tuxcare.2",
      "purl": "pkg:npm/undici@5.28.5-tuxcare.2"
    }
  ],
  "vulnerabilities": [
    {
      "bom-ref": "urn:uuid:f83a9ddf-a5d6-51d6-aed3-d57799a04400",
      "id": "AIKIDO-2024-10065",
      "analysis": {
        "state": "resolved",
        "detail": "Vulnerability AIKIDO-2024-10065 is fixed in version 5.28.5-tuxcare.2 of undici."
      },
      "affects": [
        {
          "ref": "pkg:npm/undici@5.28.5-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:cb182059-c9a8-55ab-96ce-475c77c7d47a",
      "id": "CVE-2024-24750",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-24750 affects version 5.28.5-tuxcare.2 of undici."
      },
      "affects": [
        {
          "ref": "pkg:npm/undici@5.28.5-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:bd6044f4-9e62-5b61-96a7-8ea302b00d86",
      "id": "CVE-2024-24758",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2024-24758 affects version 5.28.5-tuxcare.2 of undici."
      },
      "affects": [
        {
          "ref": "pkg:npm/undici@5.28.5-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:ae75a8f9-7d00-5a01-b2a8-72b6c4451b9e",
      "id": "CVE-2025-47279",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2025-47279 affects version 5.28.5-tuxcare.2 of undici."
      },
      "affects": [
        {
          "ref": "pkg:npm/undici@5.28.5-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:6b72c2ec-e51f-5ebe-9938-42ec43b0a3c1",
      "id": "CVE-2026-1526",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-1526 affects version 5.28.5-tuxcare.2 of undici."
      },
      "affects": [
        {
          "ref": "pkg:npm/undici@5.28.5-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:8e1ae198-09af-5689-a249-d1c8c6a871f3",
      "id": "CVE-2026-1527",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-1527 affects version 5.28.5-tuxcare.2 of undici."
      },
      "affects": [
        {
          "ref": "pkg:npm/undici@5.28.5-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:f41af94b-57df-5e33-a5b3-80fa01ecdb39",
      "id": "CVE-2026-22036",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-22036 affects version 5.28.5-tuxcare.2 of undici."
      },
      "affects": [
        {
          "ref": "pkg:npm/undici@5.28.5-tuxcare.2"
        }
      ]
    },
    {
      "bom-ref": "urn:uuid:887f0d90-eb0b-5381-9dfe-edce7d1fe88d",
      "id": "CVE-2026-2229",
      "analysis": {
        "state": "exploitable",
        "detail": "Vulnerability CVE-2026-2229 affects version 5.28.5-tuxcare.2 of undici."
      },
      "affects": [
        {
          "ref": "pkg:npm/undici@5.28.5-tuxcare.2"
        }
      ]
    }
  ],
  "dependencies": [
    {
      "ref": "pkg:npm/undici@5.28.5-tuxcare.2"
    }
  ]
}