{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d5a667ef-8b52-5a08-9078-1bef45231398", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4", "type": "library", "group": "io.undertow", "name": "undertow-websockets-jsr", "version": "2.3.10.Final-tuxcare.4", "purl": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:84aee2a6-1bdd-59a9-bbe8-30f3ec4f44bc", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-websockets-jsr 2.3.10.Final-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3295709a-90ec-59e3-99bf-44a1c02b714b", "id": "CVE-2023-1973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-1973 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d880ca8c-2068-56b7-a3b6-d39a38740a80", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:03005964-4d24-5282-aeb6-98adf58ddd88", "id": "CVE-2024-1459", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1459 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:67fdba86-b64f-56ff-bcda-606c676d3b31", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d9abacdb-85b1-52fa-922e-669d0d17a2e2", "id": "CVE-2024-3653", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3653 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f3d9c24c-32b0-57d2-9c04-3e03460b04b1", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ccc96c3d-9f72-5bba-baf3-e7ac6b9b987b", "id": "CVE-2024-4027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4027 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1cf4e88c-34a3-5d20-9efc-beb9de18d1c3", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-websockets-jsr 2.3.10.Final-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07ddc559-6f4a-5084-a890-5b2c695acaaa", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:86e59526-e7da-554e-830f-b163960db4c6", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8bc7e6c9-58c9-5fc8-a8c2-c41c0da655ed", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ac08114-4f07-5dd9-a603-04a5fb9d89f5", "id": "CVE-2025-12543", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aef94b44-8bd5-59a7-985a-00e88820c8e6", "id": "CVE-2025-9784", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-9784 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0977de14-c257-59f4-957f-ab27f9728ada", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f09ccc86-deae-57bd-9d50-075c08254ebd", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a12ac0cd-f293-51a3-a4eb-e6808aa89105", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7cb9e302-76c9-5dd9-bbc8-a6f718a6c7f5", "id": "CVE-2026-3260", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-3260 is fixed in version 2.3.10.Final-tuxcare.4 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.4" } ] }