{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:360f04aa-b3cd-59ee-af26-e5a7dbdb6c1f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4", "type": "library", "group": "io.undertow", "name": "undertow-core", "version": "2.3.10.Final-tuxcare.4", "purl": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bd6fc618-9108-580b-9dfd-bc6b28d7384a", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-core 2.3.10.Final-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f280ae2-5721-56d3-addb-55fdbcc5d650", "id": "CVE-2023-1973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-1973 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aa8b19ba-0975-5f67-a1c2-cf505ce0670d", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b6335154-1bf4-582b-a6da-c147727894d9", "id": "CVE-2024-1459", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1459 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0b2341f-4c17-58fe-a83b-9d15a7b9c2de", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fa005e03-b85f-5e97-af7a-a3fc54d2b100", "id": "CVE-2024-3653", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3653 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ccf5afff-73fb-5713-aff5-6bab31f49ee2", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a090e4d-a9f0-5a02-a501-8a8287c8999e", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:74eda9dc-6801-58c9-9544-aa621a65d8f7", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-core 2.3.10.Final-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e4e7aef3-5f8f-5c53-a45b-d886c2f3bb68", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff5354bc-4423-5ea5-b534-37b55545af36", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c38d0c43-d16c-5510-9e25-086a169a9512", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cb5a37e4-520d-5650-9d1a-86bb36c6391f", "id": "CVE-2025-12543", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7e4a44ae-d21c-592c-806f-2f8c510707bd", "id": "CVE-2025-9784", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-9784 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:abfb5e2b-ee40-562c-9f5b-40e584157ee6", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:11261681-6559-5f08-acad-5a78b6d69f70", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d508673c-11c4-5ba5-9a74-34c3848e2949", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:89221d23-3c77-5608-a857-20e8b68ff008", "id": "CVE-2026-3260", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-3260 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.4" } ] }