{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ea710df0-784a-5ddc-b599-82be03c70717", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.5", "type": "library", "group": "io.undertow", "name": "undertow-parent", "version": "2.2.33.Final-tuxcare.5", "purl": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e8f901fc-fb88-5418-939b-671ab24dcc25", "id": "CVE-2024-3653", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3653 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aff38296-6d18-51cb-8476-a7bd2b8a2b3e", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1fd40ca9-5626-5c2f-8e40-0c3560d84201", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1739578c-8a4c-5919-8541-901427a91a5d", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-parent 2.2.33.Final-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:52e64847-6cd9-5adb-b42f-bd94c8f853b7", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1526f160-a3bf-5cc1-be3c-99573d89ecaa", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a6b67b72-3b78-533e-a417-49d593b81f02", "id": "CVE-2025-12543", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a61c7c61-d729-506e-a528-d5a10aa6282f", "id": "CVE-2025-9784", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-9784 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d02b81a4-2045-5032-8cf9-57f72061a1e7", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3f7be19f-8d0f-5634-93e5-2bb97c152ec0", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b5b6e0a9-c3b8-564a-9c57-998399ba024c", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dab0d3c7-b3c3-59d4-a988-26164f960074", "id": "CVE-2026-3260", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-3260 is fixed in version 2.2.33.Final-tuxcare.5 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.2.33.Final-tuxcare.5" } ] }