{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f5f7c36a-d0c7-50ac-822f-ccb3f807bb6d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-http-sci", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:02ae08d3-be38-5db8-97e5-9e63262d7d17", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aeb13316-226a-5790-b082-2c840bd62c08", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c1837b97-3bcf-5e1d-8942-24e9c2532fdd", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9b470168-a375-5d47-87d5-5718bffff049", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0fde9a0e-5ce6-5ff0-8eda-efebe9e2b478", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9a971c44-be61-563d-9453-e13212e3ed50", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5a9e5033-35fb-589e-affd-499cdbb57486", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:67d8b4b4-a78e-5e18-9dee-adf10d5e6be3", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a44c4cfd-5d83-5661-b83d-2b46997f7f8e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ffc56c0e-211f-50ba-849e-d8b889bb77fc", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a5de9a03-3238-54cd-8a37-79666f86d65f", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f9bc64ba-3a2b-502b-8e23-59ddf5033563", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:27632a3b-226f-596a-a4b7-c12f222a4d13", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8dc96ff4-00cd-59a3-a759-8488d17e9030", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f0519d96-e4a4-5a11-a6bb-d278c66ebc5e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff0ae659-79a2-5b25-8846-89229fb22ffb", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:01d2ea26-0ad0-5f7d-9452-41ab592afdd5", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:52446b23-dcb5-5da7-b1f6-b8a1ef137f86", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eee2c4f4-7d2c-5054-aa25-ce0f3669b97a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d68323ea-7859-5248-9446-2fb77485a975", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:87b40624-a45f-5d9b-a30e-d2bb72b71b24", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dba2b5dc-7eed-5390-84da-bec1686012cc", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:750732c6-837f-58c1-9d36-437ec83ab031", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d0a84c85-2e53-5e04-8292-536dfbcc45c9", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:10a2f5ac-0c99-5bd5-b65a-0adb8ff6ec0d", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:75f24445-fd25-5f07-a555-0945ad15746a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-http-sci 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:77f04a87-3c0c-5008-8fd9-d97495da5161", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d5af34f0-b771-565e-8672-4d87ea249ee4", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.systests:cxf-systests-http-sci 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eb538256-6112-5174-b660-809b01c9d852", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f927e2a2-7975-5792-b923-58de97c4e968", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-http-sci 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:47169923-e9d6-5c36-91da-d7cd728c88e9", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d070ee3-147d-5cb3-9822-c984104df469", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.11-tuxcare.4" } ] }