{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6da0bf45-fbff-52cd-a795-7ff27393b565", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3", "type": "library", "group": "io.undertow", "name": "undertow-websockets-jsr", "version": "2.3.10.Final-tuxcare.3", "purl": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:59aaf2f6-e7da-5935-a8cf-d87bf51d2185", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-websockets-jsr 2.3.10.Final-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c1c08873-af61-5449-93d9-4b5f1d00be72", "id": "CVE-2023-1973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-1973 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fae91a32-21c8-5ad8-9cd9-0bff02ff14cf", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e3c32b83-4b53-50bb-9621-ccce9618e20c", "id": "CVE-2024-1459", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1459 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:be729573-301f-5dad-86f3-cbc99a3c71b9", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1b3f017-2f29-503f-a890-7715718275f0", "id": "CVE-2024-3653", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3653 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ffb61eaa-8fd5-5f72-8530-93c42a6e21ec", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b1418a1c-eb8b-5f4f-a6da-cb8e2be7c0c6", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ce08d95-a679-5140-8c46-5f5b935b9f0d", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-websockets-jsr 2.3.10.Final-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:06edcb5a-a7b4-5530-abb6-2f1632ab67d0", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:87f7a184-a4f4-5802-9c00-b01a31d572ac", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ffd023a0-0ab7-5c94-a8c6-fe60aebea0c5", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63f71f82-87ec-5dfa-9c8b-2976962f3b58", "id": "CVE-2025-12543", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09284bd0-80df-51d6-b308-899621478d2c", "id": "CVE-2025-9784", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-9784 is fixed in version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a52527eb-6479-570d-8716-30a3739e6195", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fb205521-df8e-57fa-89e2-231794eee139", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a45cfcff-9481-5ac2-80bc-b5ea433499af", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78fddf00-21b5-5b5c-bd14-1e32b3c61a88", "id": "CVE-2026-3260", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-3260 affects version 2.3.10.Final-tuxcare.3 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.3" } ] }