{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cd50be57-f4b9-5514-8a5a-169e34b59407", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-hc", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4082ae0d-3f1e-58ac-9055-a61b0e2f26b8", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:99538ca1-e721-51be-8e1b-aa219fb0581b", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3a3b936e-e9ac-500f-becc-86b3c76aeab6", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8e84402-090b-52a1-ae8e-d414c098c8ab", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a95a5339-73f9-5917-9227-a72ddcf3e425", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:34b1a4e2-678a-5f60-941b-fba568cf0d3f", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cc61ae11-2237-5433-b51b-8050f9fae9fa", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cf2710cd-b0e4-5cf4-8478-183ecbc2357c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cf99b849-de25-5ed7-b038-d9b3769d73d5", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c2a9dbe4-fdf7-5fdd-9756-a2797cf76632", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eab0614d-1cdf-58ef-b48f-dfd0179d8394", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32b3cf7a-a327-5815-87b6-eafc5c7526e5", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bf4c9219-0958-5f84-bb86-e4d9e67e7b21", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:863af43b-6aab-5cd3-9481-33c906cfd1ff", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5628b511-a25b-5eb8-b946-073af9e33e71", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:213a4ea4-de40-5d1f-a09d-ecf68c5e473c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:92e7a992-07d2-5a31-8f92-5d6104f10bc6", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a7e22eea-02fc-5cdf-9053-4a7b39b41e30", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fc975a2e-5f6f-5669-851c-03dfe51a61af", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef091172-af2f-5b8d-bc43-61feed3ef94d", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dc96f96f-8ba5-5329-aa69-2fbe973dbd97", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a4d87e75-3ae2-5ef9-a9dc-10b93d240ec6", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:89cb94c8-49a3-5664-adee-9f21f60ea559", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b4afd517-0c26-53a3-ab14-c283397d94a6", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fb56c6ff-6c28-5ff8-a15f-0b800f7edbfd", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4bc33d8b-c185-58a9-a923-8eb7b1b2304f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:72bffa9e-0968-5104-ae8c-524ed86072af", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4351764c-0b42-5c95-8dd9-5a09cce3906b", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:23f45b06-1d48-5eae-9613-6d60fd03a602", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:92467378-9c72-5fe7-ab3d-f88d5455fc46", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2cccc6b3-1c7d-5c88-bc43-81011028289e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d3dc9f18-0c37-59ec-b3f6-d7113fab3ea0", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.4" } ] }