{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:08eb57d6-f290-5a5b-b23b-80de83c84c17", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1", "type": "library", "group": "io.undertow", "name": "undertow-dist", "version": "2.3.10.Final-tuxcare.1", "purl": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:99403fa8-40b8-5bd4-b58a-6ecb464ad428", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-dist 2.3.10.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:15762147-0e67-5acb-af9d-b71fd81d9b98", "id": "CVE-2023-1973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-1973 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc08cea1-ca02-5487-a14e-94a4ba5aa417", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0784e81f-29d8-5b04-814e-94e9eab3c0e6", "id": "CVE-2024-1459", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-1459 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6da4c17b-2fa9-553f-8378-f2eb878bba74", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b86bcbf-ad51-51c8-97f0-920f569e1a05", "id": "CVE-2024-3653", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3653 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:67657d7e-f4ea-57d5-affc-33ba9e846cb5", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:60296173-eeac-543a-b7b3-a9b46d835a1a", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18d21677-a5fb-532d-87fa-20bd043fa76e", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-dist 2.3.10.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a59d6fe5-999c-5fca-8e94-784974bd150b", "id": "CVE-2024-5971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-5971 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c9a2f8a-911b-57d3-9cb9-6c8699e92fa1", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a89ea56e-cb46-54c0-937c-ad462a30b774", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:236fc0e7-45bb-5786-9594-0ef0d112e12b", "id": "CVE-2025-12543", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-12543 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e6e1320-9d55-52be-8f7b-c90b96491217", "id": "CVE-2025-9784", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-9784 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:128bdfb8-dba0-5ecf-8520-2913d2b1ac60", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fdcf28e1-26cb-5e0e-9d75-e6c3142d0fa9", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:874656a9-1864-53b0-9340-9354af2abb71", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c9f659b8-2c39-537f-9203-012e2f507489", "id": "CVE-2026-3260", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-3260 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.1" } ] }