{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7be24113-fe6c-53ad-82a8-12113908902a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2", "type": "library", "group": "io.undertow", "name": "undertow-websockets-jsr", "version": "2.3.10.Final-tuxcare.2", "purl": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d435e210-6838-50cb-a9eb-86a39f8dc352", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-websockets-jsr 2.3.10.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b30f1119-f2ad-51fe-830d-d9495e80cdb1", "id": "CVE-2023-1973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-1973 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f2e164cd-ea32-55b6-a304-b3ae03d03684", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dee21115-fba0-59bb-bd05-aae655154381", "id": "CVE-2024-1459", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1459 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7f9bc94-0671-5247-a309-503d1a7e6876", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c1a1eac9-db94-581c-902f-a5ebe4b87955", "id": "CVE-2024-3653", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3653 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15e4efff-cba4-534f-b166-1bdf1f94b81c", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e6390c6-3aa5-531c-b1df-261d81c39eae", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eeb1db6d-dab1-59be-8817-f771749aa4ae", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-websockets-jsr 2.3.10.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:89c9003a-8c74-5efc-bc85-c45675b347ab", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e8937c6-b575-5012-8c7e-d3d1ccbcbcc3", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e1991707-1a64-5ed9-b8a4-135f8243fc38", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1a7b8ad-3dbd-551a-88b2-0e3b98d5aa41", "id": "CVE-2025-12543", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-12543 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9db64fc1-3034-5a59-bf02-6b27484e2274", "id": "CVE-2025-9784", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-9784 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f804c58c-feee-5275-a077-38f8278d1699", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd88663a-9d64-5a1a-85b2-1d534f075694", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49fdde41-de46-5ed3-aea7-31cb985b409c", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea6bafcb-9a35-5a2b-b58a-5f8be52d3be1", "id": "CVE-2026-3260", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-3260 affects version 2.3.10.Final-tuxcare.2 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.2" } ] }