{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:aa4958cc-6037-5885-914d-20085d21078b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1", "type": "library", "group": "io.undertow", "name": "undertow-websockets-jsr", "version": "2.3.10.Final-tuxcare.1", "purl": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:181a2aca-7014-5e2b-8a9c-2bfddcb4c137", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-websockets-jsr 2.3.10.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3efa4ee5-7432-53d2-a2f3-9976de3c85e4", "id": "CVE-2023-1973", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-1973 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf7f973d-f1b4-58f3-a480-654d639ef8a4", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8282a7fe-b8fb-5491-bab8-4435d7ebb0c9", "id": "CVE-2024-1459", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-1459 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ef84c6b-8db2-5a74-a089-c153cabd5abc", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:50d6d0ea-f060-59de-9a1e-5896091c181d", "id": "CVE-2024-3653", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3653 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3397632d-33f2-526d-8780-d7f6388d73dc", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:214cfb03-053f-50e5-8f8b-04087a5b1d8b", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d75daa6-0418-52f1-ac5a-53c6674d4c71", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-websockets-jsr 2.3.10.Final-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ceeb03ff-25a3-5410-b6e3-c95be592def1", "id": "CVE-2024-5971", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-5971 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc3316da-7aa1-5855-9f03-5be3f8ac291a", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:838d7a0b-d25b-5b60-9b63-587133c4720f", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1579124d-97a3-52a0-8501-18c1be7e4b3e", "id": "CVE-2025-12543", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-12543 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:541237ce-5bc3-569c-8b21-3e75ee561ca5", "id": "CVE-2025-9784", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-9784 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4200a35a-4cab-58b0-bbb3-05ba4367f34a", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ffb8d0c2-bb9c-5146-9675-5c538dbe7aba", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3bf593a9-c21f-519d-a83b-fca906a7e68e", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:77f0c15a-c149-5de0-96ae-0e95cc0c9b7d", "id": "CVE-2026-3260", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-3260 affects version 2.3.10.Final-tuxcare.1 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.1" } ] }