{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4b27cd06-45d2-50b0-b6f2-fe6359cb7266", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-http-sci", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2231dd5d-d9cd-54b7-a147-4600fa478ee4", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31ec0603-697b-53ff-b590-1ca2f0ec4e7e", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7cfc5862-6291-5212-bee6-90f6febea8c1", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb21aa90-a7f9-5fa8-8945-9e476ba8d398", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c479139-60f3-5924-900c-cde69f4dc27a", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69d15434-5785-5ece-89b6-eecd076dac67", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:622db9dc-f15f-5dbb-9a09-d61eef37fe6e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91d13ff8-87ae-59b1-9a6b-5b79d13e5157", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79c7cf07-7abe-5180-9690-bb6b3203ad6b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0210c5d1-7865-5d32-a13e-fbda7fc0a5be", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f2c4dff8-05ab-594a-8d37-72acdad28a8e", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be1ca375-ef6f-5792-9e0d-e7fb66481546", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b36e3b0-1326-57e8-af6c-dfac42a87d83", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8265a532-5cc0-5c61-baa7-98a4254af81b", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e775afb5-b27b-57d5-b598-2f5fdc6da337", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed31919e-6c76-5daa-a127-766552a4c3c0", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d142d1d-f4b1-56d3-8d4c-870a77148950", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-http-sci 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67882821-69d0-5c33-a4d8-8ffe98eb13db", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:037012da-11b2-585c-871b-50eecc34a4ae", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:859c0313-4533-54d3-b69f-49051674a5ed", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f85b3931-dca2-596c-95b9-55deeb18e964", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:02e4f322-6b2f-5e22-9262-bbd1a3743a21", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a09682d4-1063-5e72-88ed-7c80c02f813a", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d825a291-ca3f-522d-a315-42ea7f10a1eb", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa5815d0-f265-5c6d-a087-f690869a5886", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e358a37-0c34-5607-8ae9-f5374d41f9da", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-http-sci 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0bc532be-8ce5-5c74-b35b-db3b87c514a6", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e61dea50-5270-5b6e-9dd3-60e0718fa449", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59dfbc3c-4735-532e-bd37-b73efe9a72f6", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c09a6e2-5c0f-58d2-9cf1-33eed7bf0789", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-http-sci 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:febe72d7-e5a2-5fcd-b6fc-6795c5fd925c", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79425749-3536-5447-a656-35ee090a5ad3", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b366d7b-045d-55ee-8aea-9d192aa11697", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e978543-1bc1-5eb6-90da-552a9267ac60", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.2" } ] }