{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fca95582-7258-59d3-bcd9-79e523601c6c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5", "type": "library", "group": "io.undertow", "name": "undertow-servlet", "version": "2.3.10.Final-tuxcare.5", "purl": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:656359e6-6fc5-5cf9-b01c-13922d5cb5d1", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-servlet 2.3.10.Final-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1e1f98f8-8189-5950-8e15-4728bbd91e94", "id": "CVE-2023-1973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-1973 is fixed in version 2.3.10.Final-tuxcare.5 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a8fab047-1cb6-5240-a81b-5b3d99d0b960", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.5 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:81511304-a981-5e84-9501-349c7fcd464b", "id": "CVE-2024-1459", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1459 is fixed in version 2.3.10.Final-tuxcare.5 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e8d68ded-1d5d-5a0a-bdb3-bf9ab3e40d96", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.5 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a31785d8-c0d2-5287-9249-a1a025dc388f", "id": "CVE-2024-3653", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3653 is fixed in version 2.3.10.Final-tuxcare.5 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:759444c0-236e-50c9-bd6f-6a03469cd660", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.5 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9e422b3c-abad-5708-82b2-9ec00150f8d4", "id": "CVE-2024-4027", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-4027 is fixed in version 2.3.10.Final-tuxcare.5 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ae62839d-7a7c-519a-b06f-1e90dd105490", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-servlet 2.3.10.Final-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0c30ed57-173a-5ba7-8d58-32581034f733", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.3.10.Final-tuxcare.5 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7b820524-1460-5c57-9ba4-fdeba2958c37", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.5 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:56e7c23e-0a2e-5460-83b0-18bf62ded111", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.5 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0c1328ef-31df-55c6-ab9b-31a682f92d1d", "id": "CVE-2025-12543", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.3.10.Final-tuxcare.5 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ec1c8a7d-68a1-5273-9511-258f1bb0734e", "id": "CVE-2025-9784", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-9784 is fixed in version 2.3.10.Final-tuxcare.5 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e6da947b-e143-53ac-8431-893d78bdd5b8", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.5 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:589653e5-2e2d-5a48-8f23-054591b552ee", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.5 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:789d84fc-b115-59a4-af7e-86f28b2b3932", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.5 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b9567e4c-e6e0-5d94-a851-e613e7a82215", "id": "CVE-2026-3260", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-3260 is fixed in version 2.3.10.Final-tuxcare.5 of io.undertow:undertow-servlet." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-servlet@2.3.10.Final-tuxcare.5" } ] }