{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5fbbdfa4-380a-50c7-898f-faf71f8d521d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3", "type": "library", "group": "io.undertow", "name": "undertow-dist", "version": "2.3.10.Final-tuxcare.3", "purl": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:af9c58be-573f-50ee-816d-81841bd14f9e", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-dist 2.3.10.Final-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac5f926b-50c8-5798-98fc-fdea842e0e70", "id": "CVE-2023-1973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-1973 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5bdcea96-2ee0-5235-8de9-918152ee4a2c", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:671a2bfc-8e4d-59a6-9f96-a7bb79b2ad65", "id": "CVE-2024-1459", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1459 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:358259ae-e49f-56cc-adf6-d2867355cb23", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32c3740f-866c-573d-b92d-9d26f482ba39", "id": "CVE-2024-3653", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3653 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:55fc52ea-ee6f-5c9f-bb55-595fb38db240", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d6b65918-c75b-5f11-8ce6-cda0226bd08c", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d6055efe-a454-5cfe-999d-c1f2f1bb2e73", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-dist 2.3.10.Final-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:abb3554a-df1e-5aaa-93cf-8d0cf30f8189", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3e464f77-4250-5d7b-864e-ce892b15ec77", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ee9f2556-8bc9-5318-9e75-0fe724a1103e", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c9487842-4912-536f-b772-4f5d05531fde", "id": "CVE-2025-12543", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:70d13309-5604-5298-a3b5-1be82c61b31a", "id": "CVE-2025-9784", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-9784 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a54085c6-9cff-5adb-826f-1fc1ab06e489", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd9d1101-5535-549c-a6da-64ec4f96ce44", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b3fe82c-4c30-5eaa-b698-95f896ea9e10", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ed791d2-c857-5965-aedb-0563b2e71cbc", "id": "CVE-2026-3260", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-3260 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.3" } ] }