{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8522a324-91ec-57e9-b216-88a13dc9a1aa", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4", "type": "library", "group": "io.undertow", "name": "undertow-parent", "version": "2.3.10.Final-tuxcare.4", "purl": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b35a8519-f1c2-542b-a1b1-bb2cfea2992a", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-parent 2.3.10.Final-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fcd0315c-7921-598f-9354-8bad5ef55172", "id": "CVE-2023-1973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-1973 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0f5d2f3b-cdce-51c7-850e-53dd76a9a1b8", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:52e494d1-4c74-5dd3-9741-c99932f89cf6", "id": "CVE-2024-1459", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1459 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:69747777-b2e8-5a10-a455-e50133ae324f", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b671cd8-6867-5972-bf71-7434a3913ecb", "id": "CVE-2024-3653", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3653 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26fe7a2e-387f-55b9-8be2-1f83d61499ad", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8246f817-87d2-5b2d-8d8b-6df249e16caf", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:405eb8ee-5fa6-5167-85c6-5968343907f6", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-parent 2.3.10.Final-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bc6ee442-1ba6-53c5-8586-d18ccf583ea2", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:73843b3d-e371-500e-97d0-88eb04d92d99", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e75a2925-6c11-5a4e-9e09-2cf5309c7890", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9fdfd45e-ec6f-5113-a8e9-883553b65fb1", "id": "CVE-2025-12543", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1b7fddaa-5de5-5fec-883c-0f15230c3e6c", "id": "CVE-2025-9784", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-9784 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:24ed0cc4-c4b4-5478-8432-5f9149b0c08f", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c38f1f1f-0a89-5c60-84ab-ad0d048a345e", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:abf220d8-0e33-5f84-bfa6-86d67a7fa28f", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b66a1b2e-50ed-5a2f-aa36-09f0a15cd94a", "id": "CVE-2026-3260", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-3260 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.4" } ] }