{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:13947cfb-a7c9-5246-8317-1397da1238e1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7", "type": "library", "group": "io.undertow", "name": "undertow-websockets-jsr", "version": "2.3.10.Final-tuxcare.7", "purl": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:511ef849-f0b4-5b9b-af94-39a9da85a690", "id": "CVE-2016-6311", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2016-6311 is a false positive for io.undertow:undertow-websockets-jsr 2.3.10.Final-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e5b5a707-dd31-5d09-8a7c-6852251d98b4", "id": "CVE-2023-1973", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-1973 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5bc04ede-0dc0-5750-b323-f89e5d41c9a2", "id": "CVE-2023-4639", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-4639 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1d07a06a-130f-5035-821c-91c3cc63a1a1", "id": "CVE-2024-1459", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1459 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e10e501f-5ba6-5fc9-9a35-91d183cb6bac", "id": "CVE-2024-1635", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-1635 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c6ff0680-1b67-5a44-b9d8-c1c4a0c3ea0d", "id": "CVE-2024-3653", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-3653 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ef5eb747-3cc9-5cd4-8a89-07fac784f062", "id": "CVE-2024-3884", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-3884 affects version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3f7ceb1f-7532-5b7b-a3fb-23caa28d6ad8", "id": "CVE-2024-4027", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-4027 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:61d20fe0-f52a-5f88-bd2f-6c4d0d307716", "id": "CVE-2024-4109", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2024-4109 is a false positive for io.undertow:undertow-websockets-jsr 2.3.10.Final-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ad7c2f39-3ea5-55a9-8388-b4666c8d8b92", "id": "CVE-2024-5971", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-5971 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1ef6ab11-4112-5cc1-b918-234fd8647376", "id": "CVE-2024-6162", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6162 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:45ea0671-6158-5259-b135-633173f47ce4", "id": "CVE-2024-7885", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-7885 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c1df6e07-bef6-5520-a4ac-92d1aeeea9ac", "id": "CVE-2025-12543", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-12543 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6d217532-c9ef-5245-b087-32f3fc2975ec", "id": "CVE-2025-9784", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-9784 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d214a05f-4493-5991-88df-18c953622d9b", "id": "CVE-2026-28367", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28367 affects version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c163b196-6a61-5a6c-8691-c7c62165a661", "id": "CVE-2026-28368", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28368 affects version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:695d678b-c050-5424-b496-023b080256f9", "id": "CVE-2026-28369", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-28369 affects version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1bb2106d-f125-57af-a5b4-91bc593ee761", "id": "CVE-2026-3260", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2026-3260 is fixed in version 2.3.10.Final-tuxcare.7 of io.undertow:undertow-websockets-jsr." }, "affects": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/io.undertow/undertow-websockets-jsr@2.3.10.Final-tuxcare.7" } ] }