{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d7815f09-62ee-5746-9f9b-9858637f839a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-http-sci", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bb1b1b13-109f-5651-a093-be86c645a70e", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cfa7d7d7-a806-5af2-9164-0d87d58e82a1", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ab1db691-62c7-585c-9f90-62aa6defe62f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fffe53d3-b97a-5071-838e-6ccf37829f3a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1d754611-b0f5-5115-b3f2-34a8be768c62", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:27a75a16-9f9f-5702-bf9a-576e59ae1dbc", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:78034632-ce10-5183-9d57-a462d0c63d61", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c80df864-c70a-5a50-ab08-abe3f99e485a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:41603049-75eb-59fa-a995-9d0480de0a99", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:804e3400-5065-5970-b473-1727d703fb6f", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d978ab2-c4e8-5dab-be04-1b8cb0bb70ac", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:667822e8-f102-5330-ab54-ac1e4b1b2f51", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f7f871e6-fb0b-564c-ae2f-0dc6c3f7c2ee", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:507d42c4-f73e-5298-9a4f-ac318f9c18f4", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0f98bf7c-d34d-55ad-9507-922f40f65cab", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8d3d6a1b-a9de-557e-9af6-f07e30b1f504", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2c48fc73-736b-57bb-9cc4-05e2031f419d", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-http-sci 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b9dabd2a-a0b2-5285-87dd-02ca8177889f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e1298ff9-b92a-57a1-aaf1-cc191451f8fb", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c4aa1cbb-966b-5e3c-a660-b94e1a9e5d0b", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e4fb7467-5bbf-5bcb-b515-de8f5fceea87", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b6937961-ab98-5998-a3f1-f1b8023a7f5f", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:80c72cd3-1800-5b53-bf56-6645624725ff", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4ba385ef-1910-5e5a-b137-ed0712dd0bbc", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:853293e9-25e5-5c4f-b67b-fa38f330dff2", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d35d828-77b2-5099-bbb4-2919a614c163", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-http-sci 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:400327d6-2ee8-5177-b849-4525a84491b2", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6daa4ef2-f1ef-5fa5-8d2a-a25717a45220", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d761fae0-401b-554f-90e0-8c3c7e3f1564", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3d0a9a9a-a090-5fd8-bd3b-9d3be3c1eaca", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-http-sci 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b7089889-e5b0-56c3-bd67-3b32c2ad07f7", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f74cd3a-ce24-5706-8b9f-ac99031b5cb5", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5e1b7682-1f87-5bd8-bcb5-2d83af99bb87", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:60fcdb37-0b30-5987-ada8-2948dfd1eea3", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-http-sci@3.5.9-tuxcare.4" } ] }