{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:80bddd6e-ae97-5f2e-bb4a-91ef177dd524", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1", "type": "library", "group": "io.undertow", "name": "undertow-core", "version": "2.3.10.Final-tuxcare.1", "purl": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a89277e3-212a-5676-bee2-8901992a2bf5", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-core 2.3.10.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58405974-9f6b-520f-bb31-7301b28a1c2f", "id": "CVE-2023-1973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-1973 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb365f92-b14d-5df5-bb67-b73571c35642", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06ba7b46-79e4-5df9-a879-0a6a32d58059", "id": "CVE-2024-1459", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-1459 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9dbcb015-2799-509b-b29f-4b046c45d80c", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1b98995-e7e0-5ce4-a1ae-5de194dfa69d", "id": "CVE-2024-3653", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3653 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c03aa6a-19cb-5fd0-9dcf-cfbd165cb245", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3376cf04-8e8b-55be-90f5-92adcb897192", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14813d8c-346a-5a66-b596-1b5e00bab69f", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-core 2.3.10.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab85b72c-92a9-5c8f-9a30-ecdd4d8cdce4", "id": "CVE-2024-5971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-5971 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a7493f9-4720-5fec-b20b-1732918ed86c", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a0f38c1-958d-5a02-87ac-16c46379285c", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb3779ab-b31f-5e72-aff6-3e0e84da6e2a", "id": "CVE-2025-12543", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-12543 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e397b261-999a-5110-a137-75982a78d7c2", "id": "CVE-2025-9784", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-9784 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5f11e63a-b441-59e7-947e-de15e9cecd86", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:915e12d1-57da-5965-930c-93304a1ffc4f", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:927f66de-6c54-5b90-86b8-fe34d8fa9159", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b826038a-ce46-520a-b3b8-cc3d5c821ca0", "id": "CVE-2026-3260", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-3260 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.1" } ] }