{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dcc7d031-d5cf-5665-ad84-a0926cd1b459", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-benchmarks@2.3.18.Final-tuxcare.1", "type": "library", "group": "io.undertow", "name": "undertow-benchmarks", "version": "2.3.18.Final-tuxcare.1", "purl": "pkg:maven/io.undertow/undertow-benchmarks@2.3.18.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f6895c81-95d6-590f-aebd-56b6ec804f98", "id": "CVE-2016-6311", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-6311 affects version 2.3.18.Final-tuxcare.1 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.3.18.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee1ef508-7da7-5340-b803-05b081211356", "id": "CVE-2024-3884", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3884 is fixed in version 2.3.18.Final-tuxcare.1 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.3.18.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7f3265c-78bf-5855-9f45-e58050067ebf", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.3.18.Final-tuxcare.1 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.3.18.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ed2265f-1673-5217-998b-64c8ee89a058", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-benchmarks 2.3.18.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.3.18.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a51e071-1cb6-584c-bc11-76cb9fca4ec6", "id": "CVE-2025-12543", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-12543 affects version 2.3.18.Final-tuxcare.1 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.3.18.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e14572e-df51-549d-9b2c-de401189b808", "id": "CVE-2025-9784", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-9784 affects version 2.3.18.Final-tuxcare.1 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.3.18.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e41a8f4d-0913-5ddc-8995-ca4b51b1aae7", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.18.Final-tuxcare.1 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.3.18.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4bc73686-2552-5b6d-9997-59236ea5aeda", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.18.Final-tuxcare.1 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.3.18.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b861eb1-1dce-5ef4-82c4-a751b3843a5e", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.18.Final-tuxcare.1 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.3.18.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14e92af5-04b3-53f7-a8cf-913c825fa02f", "id": "CVE-2026-3260", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-3260 is fixed in version 2.3.18.Final-tuxcare.1 of io.undertow:undertow-benchmarks." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.3.18.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-benchmarks@2.3.18.Final-tuxcare.1" } ] }