{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f5eac72c-ee91-5069-a389-32c6266f3ae8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2", "type": "library", "group": "io.undertow", "name": "undertow-dist", "version": "2.3.10.Final-tuxcare.2", "purl": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:398b08ef-dff8-5dde-8aa9-214be7600a14", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-dist 2.3.10.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f85049b2-5348-5fc6-aa4d-910cfc13fd3c", "id": "CVE-2023-1973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-1973 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea626583-7a11-5a2a-bf14-32cfe33fd77e", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbc6029f-e0e0-54d5-a721-d22e97d07915", "id": "CVE-2024-1459", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1459 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:30d89d2b-883c-5c19-b26c-268138c9bb15", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18b1d60b-dc1e-5876-bd38-57d01103d4fb", "id": "CVE-2024-3653", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3653 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84eb81b0-68f8-5789-ac09-e6b4f2758e91", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6aafb910-7b15-5f72-9c40-f6500dc5d886", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a096feb6-6275-521f-9410-58c5f9517816", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-dist 2.3.10.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51e5c32d-2401-5994-9606-841e5c00f5bc", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb91fe3d-5d45-5258-b8cb-2974d6f3a379", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:369ec441-cc11-5160-adbc-117fd7159a58", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76baee80-2457-5216-a3ee-c71e4a811b55", "id": "CVE-2025-12543", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-12543 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6f2a6f3-34bb-5608-a826-a6adc93f06b6", "id": "CVE-2025-9784", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-9784 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d92a412-8c02-53c4-86e7-cb219222e657", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e8d3b102-7d97-5223-8540-1f100549076b", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64a23a20-7019-5d1a-8d3b-283d99a45dfe", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1fc8c976-1ccb-5089-989e-936e0946f305", "id": "CVE-2026-3260", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-3260 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.2" } ] }