{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5e7b068a-970d-55ee-9857-07c4ee2af521", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2", "type": "library", "group": "io.undertow", "name": "undertow-parent", "version": "2.3.10.Final-tuxcare.2", "purl": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bf8781c7-6d6c-5a98-b101-9aa9f8a80201", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-parent 2.3.10.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c125e0c-57d5-55a6-b113-ae8584f32103", "id": "CVE-2023-1973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-1973 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad6c2dd1-ba86-5fca-bff4-2174a2691572", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c597fbc-bdd5-5eef-8f53-78d00dda1bca", "id": "CVE-2024-1459", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1459 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2bc7721b-ea04-558b-9880-223f6cc78d58", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ffa8e62d-57bd-5bba-b1cf-c8850751ede8", "id": "CVE-2024-3653", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3653 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75a4f615-cf5a-5edf-af59-487046754579", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e1ea8ced-701a-583c-b6b3-3b47bfa2e116", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3141e38c-4872-5d25-b18f-bdeea9707fb1", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-parent 2.3.10.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62da57c1-3d12-51d9-a254-d29dbfaf1a9b", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:948d6bcc-393a-5871-9fed-4f0e814b5246", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b6341aa-ae5b-5153-95d7-bf2783991db2", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a70998ad-e750-56c7-941a-59b60553b265", "id": "CVE-2025-12543", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-12543 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:522e84b4-c41c-5c5e-b0a9-240dfd1f22b9", "id": "CVE-2025-9784", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-9784 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:606a5f22-b88f-5a08-95d7-e762eb9e757c", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44eccd5c-e6af-5259-9b81-2609c0720744", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7f11a54-179e-5c6d-9584-6b8adbc8d240", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8bfbda7d-02a1-529f-9766-96ac73942abc", "id": "CVE-2026-3260", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-3260 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.2" } ] }