{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8b2d0d14-a3fe-5328-92b7-e41036ffb392", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7", "type": "library", "group": "io.undertow", "name": "undertow-servlet", "version": "2.3.10.Final-tuxcare.7", "purl": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fcdc0b36-60cd-536a-aeb4-9ea0cec73972", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-servlet 2.3.10.Final-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1bdf94c1-57b0-5e48-85ee-3d98c4054c1e", "id": "CVE-2023-1973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-1973 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c98f054e-fd83-54f4-8cb5-35d43140f047", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bd106db1-bdcd-52c7-b75a-cc1869d1a236", "id": "CVE-2024-1459", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1459 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6e487491-4dac-5c1a-9482-bb2a55712e45", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:aabda60d-e414-509b-aa22-f1eee265393a", "id": "CVE-2024-3653", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3653 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7fa1431d-ea15-50a7-8fa8-b92a60a4581c", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a043ac40-eb83-5a59-8f75-bb965cb00f21", "id": "CVE-2024-4027", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-4027 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:49f2bdc9-ba52-5b5c-a581-96c9cb983f81", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-servlet 2.3.10.Final-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:72a400c2-ca95-53b6-95ca-0bba7f20e9fe", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b09a895a-0691-5957-b902-19be3944aaf3", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d7026a24-a834-57ec-a085-f07d0efb2546", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2d6c117f-c9ba-5eff-9a39-d076b2da0e3b", "id": "CVE-2025-12543", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e91323db-a399-56cf-8b47-6b604da69ae4", "id": "CVE-2025-9784", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-9784 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5cf37ba1-f16f-5d05-9bb2-43d1321fb33a", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3d472456-9ffe-5466-9a0f-751c0f63f6aa", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4dc7f8d2-7169-573b-af71-c75b70bd64b0", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:168c50d2-adf2-55d2-a9bb-72fa08815325", "id": "CVE-2026-3260", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-3260 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.7" } ] }