{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3a8f2a81-e42b-5841-81b7-cf3f42d22c93", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.wildfly.core/wildfly-elytron-integration-legacy-namespace@19.0.1.Final-tuxcare.2", "type": "library", "group": "org.wildfly.core", "name": "wildfly-elytron-integration-legacy-namespace", "version": "19.0.1.Final-tuxcare.2", "purl": "pkg:maven/org.wildfly.core/wildfly-elytron-integration-legacy-namespace@19.0.1.Final-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:53b209d0-fab8-5c7a-882d-363185aaad34", "id": "CVE-2020-10740", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-10740 affects version 19.0.1.Final-tuxcare.2 of org.wildfly.core:wildfly-elytron-integration-legacy-namespace." }, "affects": [ { "ref": "pkg:maven/org.wildfly.core/wildfly-elytron-integration-legacy-namespace@19.0.1.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8fbee4d5-00b3-54a4-80b5-4b27540931ee", "id": "CVE-2020-1719", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-1719 affects version 19.0.1.Final-tuxcare.2 of org.wildfly.core:wildfly-elytron-integration-legacy-namespace." }, "affects": [ { "ref": "pkg:maven/org.wildfly.core/wildfly-elytron-integration-legacy-namespace@19.0.1.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9126a75a-1c84-502e-a11c-198f82663b6b", "id": "CVE-2020-25640", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25640 affects version 19.0.1.Final-tuxcare.2 of org.wildfly.core:wildfly-elytron-integration-legacy-namespace." }, "affects": [ { "ref": "pkg:maven/org.wildfly.core/wildfly-elytron-integration-legacy-namespace@19.0.1.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea0fb694-dd28-59ef-baea-57d0513ed08a", "id": "CVE-2020-25689", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-25689 is a false positive for org.wildfly.core:wildfly-elytron-integration-legacy-namespace 19.0.1.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.wildfly.core/wildfly-elytron-integration-legacy-namespace@19.0.1.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d88d695-80b8-5e38-9750-ce175509d494", "id": "CVE-2021-3503", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-3503 affects version 19.0.1.Final-tuxcare.2 of org.wildfly.core:wildfly-elytron-integration-legacy-namespace." }, "affects": [ { "ref": "pkg:maven/org.wildfly.core/wildfly-elytron-integration-legacy-namespace@19.0.1.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f51267f6-80c9-5444-86b2-3f5b0586f8cd", "id": "CVE-2021-3536", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-3536 affects version 19.0.1.Final-tuxcare.2 of org.wildfly.core:wildfly-elytron-integration-legacy-namespace." }, "affects": [ { "ref": "pkg:maven/org.wildfly.core/wildfly-elytron-integration-legacy-namespace@19.0.1.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d8112fa-104b-5623-b17a-fcf2fb7d2a9a", "id": "CVE-2022-0866", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-0866 affects version 19.0.1.Final-tuxcare.2 of org.wildfly.core:wildfly-elytron-integration-legacy-namespace." }, "affects": [ { "ref": "pkg:maven/org.wildfly.core/wildfly-elytron-integration-legacy-namespace@19.0.1.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:50d9687f-7c45-570d-95f7-69c2992f3cee", "id": "CVE-2022-1278", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-1278 is a false positive for org.wildfly.core:wildfly-elytron-integration-legacy-namespace 19.0.1.Final-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.wildfly.core/wildfly-elytron-integration-legacy-namespace@19.0.1.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:54a32545-a2aa-5b1e-aa46-849078a21b1b", "id": "CVE-2023-4061", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-4061 affects version 19.0.1.Final-tuxcare.2 of org.wildfly.core:wildfly-elytron-integration-legacy-namespace." }, "affects": [ { "ref": "pkg:maven/org.wildfly.core/wildfly-elytron-integration-legacy-namespace@19.0.1.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18295f2f-2864-599b-a5ba-d49da704037f", "id": "CVE-2024-4029", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-4029 affects version 19.0.1.Final-tuxcare.2 of org.wildfly.core:wildfly-elytron-integration-legacy-namespace." }, "affects": [ { "ref": "pkg:maven/org.wildfly.core/wildfly-elytron-integration-legacy-namespace@19.0.1.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6037bde4-3d7f-5e28-85ad-c98db4f615d2", "id": "CVE-2025-23367", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23367 is fixed in version 19.0.1.Final-tuxcare.2 of org.wildfly.core:wildfly-elytron-integration-legacy-namespace." }, "affects": [ { "ref": "pkg:maven/org.wildfly.core/wildfly-elytron-integration-legacy-namespace@19.0.1.Final-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:797510ba-5eae-5d97-97bd-045af17e5e03", "id": "CVE-2025-23368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-23368 affects version 19.0.1.Final-tuxcare.2 of org.wildfly.core:wildfly-elytron-integration-legacy-namespace." }, "affects": [ { "ref": "pkg:maven/org.wildfly.core/wildfly-elytron-integration-legacy-namespace@19.0.1.Final-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.wildfly.core/wildfly-elytron-integration-legacy-namespace@19.0.1.Final-tuxcare.2" } ] }