{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c5776a68-0ab4-559c-9711-21d2a5f01bb6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-http-sci", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:030c1d4b-0373-535f-a9f8-48ab76befd6e", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce96c58a-fc63-5cfb-971a-562c1dbb13fd", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f2c9d01-09e0-5e4d-a83b-c047da7b868c", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:934788ab-0f61-5962-bbf7-07ed67f52e9e", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:698ca58c-d5f2-5275-9029-471890023284", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:50b2ca04-1ee7-5951-a72a-5eb1279831ab", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b7f08f4-6bf9-5fc3-b1e8-aafd08dd7927", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:97514924-6c2d-50bf-a873-a3623f276d50", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:572c565c-e78a-545f-9002-50d380252b1b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b68b3f74-a49f-51b2-b593-ade921285776", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:613c667c-334e-526f-b549-33ce740a8a3e", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7cd42399-94cd-5f2e-a97e-8facd83c8a8d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8c977df8-e30d-5564-a4c2-506212a86cfd", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f189004d-a21b-50fd-bd83-752f7183c6b8", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c4c23516-1a23-5627-8f73-b28ac1985ae1", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e6a2e9bc-de30-567f-91d7-67050efc463a", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:abbdaf67-9134-5af1-8816-3c5d9c00bfea", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dcb22e91-eef3-5df1-a64a-eab057953a3a", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bf971ef2-67e3-5a4e-ab53-eee0216e6c2f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b414d15-7b98-5209-b073-405a426d8467", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3bf79cfc-5103-5eed-8191-71cab7acdfcb", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3c3f9be2-f133-5346-8c22-1c8d4d59c584", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:27900356-9284-5734-8aac-b96b874f639d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5134b8fd-211b-5738-8801-cfa9a774f02f", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cca4bca8-325f-55bb-8993-9f2fa36aa0c7", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4fdec184-59c2-58d4-8349-3087a9b137b8", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-http-sci 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d7f37d7f-0985-57a0-b85a-6480a952be21", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd3bad0b-c11e-5e35-ac52-7db8bc34ce06", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-rs-http-sci 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:020939ca-071b-560f-8a33-9dd0de12c7e7", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d8797173-246d-5bc9-aac3-4e539f977a40", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-http-sci 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3963c8fe-a261-5d9b-84ea-cf006575be1c", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db8d9015-44cf-5042-86b2-74771e3e91d3", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.11-tuxcare.3" } ] }