{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f56590b2-97a0-5702-83d1-fc3724ac55d1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3", "type": "library", "group": "io.undertow", "name": "undertow-servlet", "version": "2.3.10.Final-tuxcare.3", "purl": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:47f64025-3c36-59e0-8072-898c21885197", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-servlet 2.3.10.Final-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:39f899d4-204e-5356-aebf-31306ca48c13", "id": "CVE-2023-1973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-1973 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd025c6b-a41b-547d-acc9-0c57ad4706fe", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c40c7ea8-126c-5ca2-9cec-b607111924ad", "id": "CVE-2024-1459", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1459 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80cb5871-ecee-52be-9e26-c03022e650f4", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7b98f638-dca6-569d-8634-fba5fb481d62", "id": "CVE-2024-3653", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3653 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0f879521-26e1-5e56-887c-e0fe24984547", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e17e3c82-2924-5043-99a4-26e8815a6601", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d5b2a1e6-4abc-5bc5-bfb7-c18a2f366e2c", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-servlet 2.3.10.Final-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5f00a4af-e4b9-5b61-803d-1aac75612edf", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:12ab2c40-797c-567b-8573-055900d5e7af", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cee58d5f-a2a5-560f-8210-3a2a8dc452be", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0811d0d1-1614-56f3-a863-cc699a1792fa", "id": "CVE-2025-12543", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:00de678b-e8b3-52ef-89d9-9b271c11eec8", "id": "CVE-2025-9784", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-9784 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8dd30e0c-c99d-5ff9-9820-7c261b6af767", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7c3ce7d3-0eb3-544f-8988-3f1f9fc11f6f", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20dc6029-5b68-5cfc-94b7-04d4febb4b2d", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a07e2f9-09ee-5a44-af76-8e3db009d6cb", "id": "CVE-2026-3260", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-3260 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.3" } ] }