{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5f9779cc-a586-5cc0-91e6-eb86acd2ab50", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7", "type": "library", "group": "io.undertow", "name": "undertow-parent", "version": "2.3.10.Final-tuxcare.7", "purl": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cfdac857-8cb0-5c40-9a20-780121903ea7", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-parent 2.3.10.Final-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d9018a59-73be-5381-ab59-fafd001d19fd", "id": "CVE-2023-1973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-1973 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cb6856b3-d6a6-58ab-a901-2feb5070288d", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e3f5e93b-4850-5441-b6cc-6784dadd9713", "id": "CVE-2024-1459", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1459 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3f14a895-20e2-51eb-86a1-ce03ffa7e556", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:606da74d-4b6a-57e7-8556-69984f7b0619", "id": "CVE-2024-3653", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3653 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c556886a-9acd-5e03-ae85-c8d17baf8c52", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c7b5704b-2877-5e1a-9ac0-836cba4d109d", "id": "CVE-2024-4027", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-4027 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2f24fab6-ea50-5812-9601-a7b7f92c9b43", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-parent 2.3.10.Final-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:afe9a57e-720d-5b00-908f-093cae686905", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ebadee19-3812-5279-b5e9-ccf90b6b2165", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6cf2bacd-6658-5b94-9cdf-8664dd6273db", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:59a7c4ad-f91a-58bd-bbed-c9c27b193017", "id": "CVE-2025-12543", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c73b18d0-096b-51d3-a312-ad52468eaa20", "id": "CVE-2025-9784", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-9784 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:83e941f0-e7e0-53e1-9b75-534ba32be169", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:35d2550c-12a4-544e-a2a8-a28fdb4ba224", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:66515a43-2648-5b94-bbd3-ec6c62b9980a", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:eb8c2534-38fe-5b04-9ced-77b82dedeca3", "id": "CVE-2026-3260", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-3260 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-parent." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-parent@2.3.10.Final-tuxcare.7" } ] }