{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1df7d9bf-08e9-5236-b063-082ecea63913", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6", "type": "library", "group": "io.undertow", "name": "undertow-servlet", "version": "2.3.10.Final-tuxcare.6", "purl": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1e8f72b1-d629-5780-a899-19c54695914a", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-servlet 2.3.10.Final-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:90b29cee-532a-5f78-9efa-bdef7194849e", "id": "CVE-2023-1973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-1973 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e2e4e557-a8cc-53a1-9ed1-32898ad98fc8", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9ef2618f-7ee5-53bc-af6f-a40ba3c3faaa", "id": "CVE-2024-1459", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1459 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:693dbeff-61d6-5858-9e7d-4d41b2f292e3", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8b85143e-b3ff-5bd5-9547-a9ad67c58c49", "id": "CVE-2024-3653", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3653 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2ab797eb-0bab-5390-b393-fb62bcb3a83d", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b28b194e-0fcd-555b-880b-9246bce75545", "id": "CVE-2024-4027", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-4027 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8caea697-e05c-5460-8251-5044a3bd075b", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-servlet 2.3.10.Final-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:435de769-cba6-5ac7-b228-a33a4149aa76", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c7798339-30c5-5059-ba15-f1eda8ca28d1", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4322fc2f-bc7f-5787-9296-3765f8682b29", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:60a9716a-3b32-5756-a050-a51ebfedeb97", "id": "CVE-2025-12543", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a38d9861-7f45-5730-a785-ca9eb90f0382", "id": "CVE-2025-9784", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-9784 is fixed in version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:88033c62-3794-519d-bf1d-c123dabf58c6", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:23b983bf-edb5-51d7-9a05-61ef3111f707", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f076ffca-9282-5999-b40c-b227950ad789", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d497e187-76ea-5cd7-98cf-2b1fa544913d", "id": "CVE-2026-3260", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-3260 affects version 2.3.10.Final-tuxcare.6 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.6" } ] }