{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4b0168db-ec54-5f9e-8d8a-55e7286a7328", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6", "type": "library", "group": "io.undertow", "name": "undertow-core", "version": "2.3.10.Final-tuxcare.6", "purl": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:66d8a3a9-724e-50b8-9ac5-6bd95ae5da28", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-core 2.3.10.Final-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7b82b1ae-0faa-5367-8cdd-a70b4ca068c7", "id": "CVE-2023-1973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-1973 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:133ff979-396a-5c3e-910c-cb45dfb3370e", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:396a3dea-8e71-59cd-bf5e-200232763109", "id": "CVE-2024-1459", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1459 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4a4ea384-fa76-5864-b4c7-9f1265e92b90", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6d4a8d50-0382-5823-9321-ac6c40f17f9a", "id": "CVE-2024-3653", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3653 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:45f1e20d-ec0d-5729-a657-eaffbaa0025f", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b4194981-11a9-5642-987d-eeff3e5f80ed", "id": "CVE-2024-4027", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-4027 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5aa5a01e-ff91-57e1-9678-b148f36e5145", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-core 2.3.10.Final-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:71569892-675c-5024-bd59-5de0b8ea9cd7", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3ec53605-c390-58a0-95d7-02f388e44547", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b33ac3de-647f-5b95-bac3-bf1da4e3d2d2", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:00e3d2d0-deab-5790-9d84-77a7e05593c2", "id": "CVE-2025-12543", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:279c9293-fb54-5d23-bff0-c242c008e491", "id": "CVE-2025-9784", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-9784 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ecdbb6ce-380c-543a-bc21-78990a1a367a", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ea77e750-9eb8-5e54-acb6-c1b648dc63a1", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fe1d557b-ad7f-58ca-9eed-28432c113a4a", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3c127dc4-5456-5e09-9a8f-1d021f1eb800", "id": "CVE-2026-3260", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-3260 affects version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-core." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-core@2.3.10.Final-tuxcare.6" } ] }