{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e5f675ba-ce22-51e9-a67b-48435bd46a3e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5449b354-b81c-50aa-b3bd-22c6660ef31a", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a4421298-f5e3-513c-a644-1f653e59314d", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1dc7c1ff-ba54-5317-b22f-c6da522f1629", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:725c2e76-aa87-59f1-a806-c5e71bc2eca0", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:34a7bf1a-4fc2-51f3-835b-8c0c5efea7ca", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b19e9ac7-cc13-5850-b02a-81bb84a13a66", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:57036c20-bdde-5394-81a0-60dfa5c0a705", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9ade5a2b-a4ae-5e70-9033-f25708891c18", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c16d391b-bda7-5a3d-b5f1-01f2b3f1827b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:22251564-4a8f-589d-aecf-1b521c32f9ba", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c66852ad-df20-5b95-b3eb-225a637f29a7", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fd9d86cc-f1de-5332-8c74-5f54da210069", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:34696735-bf53-516c-be37-bedd6e810b70", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c434da42-2c57-518a-ad3d-7aa248b6b9a9", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9c9c0837-7a67-5297-be0c-6ab710fd98a9", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9d962d97-8245-5d3e-b1e3-a08b71b1d373", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:656bc3f5-571f-5853-bfd1-3488736420f6", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d72bea6b-4d46-5ebf-bd0e-354568a783a2", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:70ee01c8-c62a-5c2c-82c3-4ad42c33fd00", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ae4f487f-6bb7-524c-8844-bb393b60e400", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:426600ac-2404-53bf-a6b5-d30d58869cb5", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3001994f-5998-51ab-a9e4-ade06a9e6408", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:89d86961-17e5-575e-8778-439589c7c11f", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0e046a35-a787-5e2f-8404-1c0aef2ee0d1", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:97fa34da-df3f-507e-8840-4f5ed3b1965d", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5001feb5-70d1-5afd-b7ef-8b1c4d0204f9", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2a7306ac-d3f6-5a0e-bbda-4f19af4453c7", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2b5b7260-cf02-54ff-b857-636d7585a848", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-http 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3f646f37-08a1-5020-962b-46b815bf7640", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0be026ef-1ced-56d4-a0a1-9781a3e13a04", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d716401a-fc0e-519b-8a21-4d7b56040c72", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ba529999-27dd-54cd-8b36-311a8c06e045", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.7" } ] }