{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:489b9862-a14c-5d61-97cf-6458a0dfa339", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-rs-sse-jetty", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:09bc4ca1-5348-580a-8412-f9296f6f80d8", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4ac1b7c-5e39-586a-aaee-d1e4faddfec3", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e41e021-9ba2-5700-8740-cea37384cb18", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:361770f1-9f91-5b72-be5f-0272ea6627ef", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b357245-9e80-5b35-8836-6468c872eb67", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:612313a2-9e10-5d04-8107-86bc0d3ca89b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c46d31b-dac2-5216-87d7-bbb3926ff27e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d5b321cc-16a2-5d9b-96ea-c5fe5adcc812", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c9e2b196-6100-5b6d-a097-864725b5f8ee", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ec9f0a5-93b9-5a90-b8da-233e177f2455", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3294569c-c3c7-555d-8a39-615ab8d53943", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:02e7d3af-7ff8-588c-837b-c1ac854648df", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:28e746e2-8445-50c5-9ab3-22bef7dcc642", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c02e9816-a2c5-51e1-a74a-54b8fa91d19c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fe1abb30-ce6f-527f-b76b-1442964142e7", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c4c8589a-ac0d-5c01-acb3-e8949c976a16", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:35c43ca7-cffd-5195-936a-cdcaaebef8ab", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-rs-sse-jetty 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:615258ba-2386-5476-adef-62b0adabb298", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f12d0355-c5b4-5640-8dde-b7d62ea7c6d7", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:76003794-7386-53a1-be1f-a90d88674bf2", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72e32156-89e4-517c-84d7-e3ce8f9b2b4f", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:225a06ee-dd32-553c-abce-1a4b6739266f", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf89217d-89c9-575b-bfd1-84a79e1be4e8", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:66f987b1-2a4c-5c26-98ce-0c816f605348", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce23ad9f-47f5-510e-9774-6a29808387a4", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ec5cf4d7-be56-58e0-8890-02fca1202ab6", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-rs-sse-jetty 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf436e65-8dc6-5937-bf0e-51a8dc1ceaba", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1977e23a-86bc-5fa3-97b4-bca8aeadab9f", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:38be9d48-596e-5509-abea-db24898098e6", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e3dfcdc1-d344-5e72-8986-e81ba4966072", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-rs-sse-jetty 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:27f39b9c-7cd3-52af-a074-273b3f7cd673", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bba01fc6-77bf-5e1c-9e23-5b4cdfdb483d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bf6de4fb-9c99-51ce-9469-1ae719889bbf", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b19b0dd-7a59-53ee-9ea4-225f49e031de", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-rs-sse-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-jetty@3.5.9-tuxcare.3" } ] }