{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9b4de134-d21c-57d0-aac6-43c91f5ccb24", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4", "type": "library", "group": "io.undertow", "name": "undertow-dist", "version": "2.3.10.Final-tuxcare.4", "purl": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8635a7f3-0666-5a92-a40d-c6b258d7327b", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-dist 2.3.10.Final-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:66a68ce3-b020-5f7b-920a-7146c82f0799", "id": "CVE-2023-1973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-1973 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8efc07a6-d4ef-5927-8de4-94d2eb138845", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:12c09830-f21f-5feb-897b-caf587378543", "id": "CVE-2024-1459", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1459 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2f433f74-047e-51e1-95ff-adbc669a4139", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ca1a3641-f2ae-5fa3-ac08-ffaee238a11b", "id": "CVE-2024-3653", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3653 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ee555ad1-8c8e-5479-be7a-e9f94d735e1a", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2311853a-6088-5836-bda4-cf5d8ae47001", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06e582cb-76a8-51cc-b5c3-07485093f058", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-dist 2.3.10.Final-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e5a7293c-1cd2-5bad-a622-bc2c3bbf6c47", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:29f662e1-ed99-58c4-a46c-f381b174b068", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:464e72b2-214b-5f14-ae9a-7772f1566046", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac694148-d761-59d7-bd95-e990fee0b10c", "id": "CVE-2025-12543", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c3e9ce02-9e59-50bd-a764-29d19c4f4405", "id": "CVE-2025-9784", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-9784 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ca0ef001-31c1-5af1-97c3-47352ca5a3af", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e10200e0-02a1-502b-8c09-ddd0ce4a1c78", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:11ac568e-5e8c-5bd3-b44b-e400b1075274", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06b4f64d-32b2-5854-9f82-97c5ad3f63c9", "id": "CVE-2026-3260", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-3260 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-dist." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-dist@2.3.10.Final-tuxcare.4" } ] }