{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cbd9e6f9-7704-5409-b136-359cbd5d26c2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2", "type": "library", "group": "io.undertow", "name": "undertow-core", "version": "2.3.10.Final-tuxcare.2", "purl": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:538d3125-65c9-5cef-8de8-956e43cc56db", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-core 2.3.10.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f637b8dd-2dbf-5c97-ad74-f44446c23743", "id": "CVE-2023-1973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-1973 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41f9f531-fa85-5858-b2df-a96c31aa7def", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:447e1566-b8c5-53c3-bfd6-d322eb13a71a", "id": "CVE-2024-1459", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1459 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1df25e0a-35d3-53ae-8181-17dbb279c7c7", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a93cc1db-bc54-5a9c-87b7-44b77196ea5c", "id": "CVE-2024-3653", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3653 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ebff411-7b94-562b-a1f4-752851d5cb3a", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5a2a45f-ebe0-54a4-a581-7552d0021057", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fbe414a3-15bb-5999-af31-b04788fc398c", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-core 2.3.10.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ab8c726-1549-5149-a01b-3a57e2dacba0", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32fafa49-f155-5997-b26a-013a0206b6c4", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba8c921e-08bb-554b-bc80-be938b809fef", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:271b519b-e726-5241-b4e5-01c18ca36ea0", "id": "CVE-2025-12543", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-12543 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e32e0cf1-ba3b-5608-85c1-a18f10e93437", "id": "CVE-2025-9784", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-9784 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1877cffb-d139-5fc6-b289-421050c84b87", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75c7a9df-905d-581d-9a77-f627559322bf", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14648ee8-c1ae-5feb-8dc5-d7f042483d31", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4250a8a0-e62e-5ee2-8e01-5456004f56e4", "id": "CVE-2026-3260", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-3260 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.2" } ] }