{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:db764f2e-0d68-5891-a53c-849eb0ca943e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-http-sci", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fd48753c-5e40-5995-a560-5cc19a868ade", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2601c5f1-b0da-59f2-8656-4dd82e9c14a2", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:31830076-c388-500b-ba47-b855147592e3", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ec1e3fe9-5c0a-5991-bf1e-c0ff8e80fd92", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:94a5dd60-3faf-52ad-9376-13c13c5d2bec", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8bbd6c25-5999-50da-86b7-1bce43652160", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f1074614-fe56-555f-801a-32a4907eebbf", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8ce37de7-f515-5804-b7b7-f61ae4adce82", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2aa31d58-dcf0-5241-9155-7a96f4199ce7", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f8dd010b-717d-561a-a72a-d4d5fe58d031", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4172a07c-725f-5e87-8c83-37d6f9e263e8", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:23ef09ba-378f-5c0c-bf90-ccd59be35bcc", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8c1cf224-1988-5c14-9701-36748afe71fc", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:de94a4e0-892d-5414-9fa2-7a9510a9ee2c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1112384d-2672-5828-94a0-6f9bc7e9c1d9", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e582b2b6-fc66-5ade-9e98-a2e0aabb1891", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3f957c30-8294-5416-8d09-7cae957d13a6", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-http-sci 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a1b39b6-4890-510e-ac65-b017922a00f0", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:74f96471-9294-5533-bb3f-1a503bfb3f95", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e2fc0a35-9aaa-504a-a95e-bbc9cd1590d0", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a91f0281-70d9-5a8e-a429-c90c129ea0d9", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d69d1dce-bfc9-547f-b5ad-b7ef63e0ef4a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:838e0252-d14b-5323-be98-4ec465d6d504", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f49ed710-0e04-52bc-b723-ce080ea60649", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91430ac8-ec1c-5a81-af0f-febb0e8dbb38", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c3f8bee2-52c4-59ce-b0d5-e558fea82641", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-http-sci 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3bcc2fff-c713-5af0-97e0-c0742a4a0e69", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ec96c7b0-02a8-5c9c-9378-c0fb0dd75bf3", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eb72861c-3f01-5796-9d9a-933e994b28a7", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9ba312d0-d966-562d-82ea-0c48d97ad73e", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-http-sci 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9f0cb6ef-a636-5a88-862b-a0ed9fc8c3f4", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:99e4579e-2d06-5c3d-911c-bd9496f0bbd0", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:97350421-952e-54ac-87e1-c2a9b3b3a567", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ba072af5-c4da-5667-b6e5-75d19e6f4433", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.4" } ] }