{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:054398d3-de86-5b6a-84fb-0808d488ade2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-http-sci", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0d313042-73e0-56da-ab22-506471b9ad6d", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75267e47-ae25-5483-b851-fc019252152a", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d0341a66-34ae-54e5-b5fd-ef2848861d68", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3630477-36eb-52d1-b5b9-af746657ad28", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:50b492ea-26a2-5e66-b2f0-dacb3bc22484", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:549d82ae-6882-5d82-a816-4624a7b09f5b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3c99e99-0896-56e6-9dd0-7d2d8c5e9bff", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6c912f9-4dc4-5f59-a336-efa325e96eb4", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa94abc7-0b18-5bed-b3f5-05bd05973c57", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b3acabf-75cc-5bcd-8a12-f3cea810d823", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f9e8462-635d-5399-9266-1c15b8fd364e", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a25adb4-927c-5f25-a9ac-9a87877a7fe7", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:149ac033-5863-50d7-ba76-06310adc7328", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:578c222a-7346-5372-92f4-5d5d7d41ada7", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8808db5-fefa-5cea-bb82-6600c5c12338", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5d9fef16-9813-5d98-9336-084c7a5550a7", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:594ba9ed-b23e-5e62-9113-89f90a6f34ab", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4dc5e1ab-8b48-5192-a686-ea7716ef7ce0", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:459af6fb-e382-5015-a4c9-106db2fe23a4", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2082c5d8-328c-5cb6-b46e-e2e3979203cd", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ecb0ca8d-17b0-5b29-9dfe-03b89fa6953b", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:529fc25e-3c85-55ab-a805-4fa6bded3238", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df7ef98e-a86e-598b-817c-fdfb1f2e1620", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67fe75a0-b415-5c95-aa8a-d8a6e03f8f31", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6aaa50a2-d0ed-59eb-9bad-2937ea1cfa02", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eba197a3-983f-5c71-80ca-23ed5cc09833", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-http-sci 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2fff3722-461b-533b-be8b-aa8c07f0522b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:200cf339-0785-5882-9402-46422da26db9", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-http-sci 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39ba15ae-cb41-5dcd-bc7d-27bc66b3a346", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:140d0b82-9f87-5091-8bd7-e9712c0d9298", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-http-sci 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b0ce402-f6f8-5e3f-bb47-6a820e4da794", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14410b34-a1cd-5e33-9793-46651282050d", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.2" } ] }