{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b02651fe-c24e-50de-83d5-736a293f8ed2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-rs-sse-tomcat", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b99b128f-3098-56b0-9069-7411c408d7e2", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0ca9499c-c543-5d84-9af5-0288c2153159", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:492f7c84-faaf-55a7-831c-208b84d430c4", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2fddf112-bc36-5168-abe5-21cd35446735", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a1d6010c-dfda-5dc0-abd4-37218af3dcab", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6706d506-79c8-525b-a983-5bec5dd4d475", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b4889c30-f757-531f-bb3b-276746c4a42d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:372b1771-b0c4-5d5e-834a-cf410208d923", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5ad64e69-13c3-5a38-a275-8fef994174f2", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6d0205fc-ec5d-53ab-b49b-a62cb845936e", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8acdf558-a4ab-5d47-ad0f-02ec2b200b26", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e3f4cb04-e6fd-5b80-9f99-5afa1e9d3a4b", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a3a7a50d-d804-5ba5-9175-fc518c3fc0ae", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fb4a7226-7d3d-5e29-8dd6-70aa6046a7b4", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:35fd1644-76c4-5c05-8b1b-d1e674937cf8", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8a7f653a-3c2c-5005-97d5-50517fca7db1", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dd8098da-c9b7-5ac9-84dd-712c478320f9", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-rs-sse-tomcat 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:548e2a3f-ad3c-5837-8394-0217d4bf147b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4f0f4667-1d16-51e7-b419-4d58841e9828", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:021884f2-8d86-59cf-addd-a202b4cf2cd3", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f76fc43c-0d65-5bf0-bd86-fd79f9b81b0e", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2922525b-294f-5b13-aca9-3069f7d4fb99", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:174a1d6c-72d7-5989-aea2-ee604f85fd4d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fa554917-6d0f-5551-b7c3-0c57b41d4003", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a07a55dc-fa76-525b-817f-861bb128de2c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8e4993ca-7f3a-569c-8cbf-27da8e0a1769", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-rs-sse-tomcat 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b71157d6-a195-5a29-873e-c01b559a3adb", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:52072724-b1d6-5a91-97a6-8a767cf57f73", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ba8307c0-e2b2-5c60-bcf4-0b8be38f3ca5", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7589ca68-a02a-5ecf-8fa9-6256a585ac7b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-rs-sse-tomcat 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:693d8fde-79e2-5904-92e9-5211751e43c7", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6bdc340b-de13-5e09-9347-29d20d0d24b3", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:35e0d610-4dbb-5895-9f20-0d8c3a505054", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:15a9604d-957d-5a0e-8daf-37322dd16e8e", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-rs-sse-tomcat." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-rs-sse-tomcat@3.5.9-tuxcare.4" } ] }