{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:19fe8589-f28a-5b7d-a97b-3f6b905f7264", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1", "type": "library", "group": "io.undertow", "name": "undertow-parent", "version": "2.3.10.Final-tuxcare.1", "purl": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:eccbf258-2e9a-50c2-8f6b-2484b60991a0", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-parent 2.3.10.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea6ec27b-70b1-59b8-895a-4704f4f58c67", "id": "CVE-2023-1973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-1973 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:518c06ac-0242-5fc6-83cc-f4cf7ab35cfc", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20a82f58-41ef-5388-8d3d-184fb045725b", "id": "CVE-2024-1459", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-1459 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:103dbbd2-49f8-527e-93c7-32488f25f29a", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80925569-8f8f-5440-a642-732824010c02", "id": "CVE-2024-3653", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3653 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d277cf60-ec8a-533d-8973-e1cf9e6ea640", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad0a8497-42a0-5e7d-8c82-95a105820632", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:93fdfb0d-cbe2-5e3c-a893-c30641d40ef2", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-parent 2.3.10.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d3a0b49-0e56-5d4e-bc6b-eb0c1c09eeba", "id": "CVE-2024-5971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-5971 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cff5a8e5-0e53-54e8-b9d3-2df4ac6aa80a", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc735b12-4337-5ecb-9167-95e8df471a01", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe60e2ea-97c5-57d4-8ad3-fc4609d37343", "id": "CVE-2025-12543", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-12543 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:022bb15f-b1e9-57eb-92b4-12259014906b", "id": "CVE-2025-9784", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-9784 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec238de8-b3f4-589e-bfe2-24b5ba0f4839", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c827d98-cdb1-5f6b-bfc1-6101aa00ca51", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5b89fcb-3158-5c7c-894a-b6a6e8d3eceb", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22f40bc5-5fe4-5229-9a89-c7bf566c992e", "id": "CVE-2026-3260", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-3260 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.1" } ] }