{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6f8ef462-6b43-52b5-aee1-f882e1ec8cc9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-hc", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:12e9e03b-4973-5478-a800-9b6239f5fe57", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a8939d70-f44f-5add-973d-a5472f3ccfce", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dcb895de-d8a4-5526-ae4d-55c35730b339", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:56b53ba3-c4dc-5111-9b5b-249fe59d7fb6", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1d363f09-3de3-5d73-a55e-e39b524e9af4", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:96e54268-0fc2-5abc-9a41-a5c3edbf35c6", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:873faf64-c894-58e8-9ecc-d86411e8f5eb", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:221d62ca-6591-579e-8272-eb6bfd1e12fb", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:db491868-6395-5e64-9350-b01e1326c979", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1e2d832d-c18d-53db-bf85-47a89e27d347", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:74c44b17-e884-5b2c-bfa2-dd00a093416a", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2837cac2-46d8-5dfd-9419-bdd3bba03ab0", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:adafc264-2356-5260-ad48-1efa4ef32121", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9689a93a-d3ac-5fea-abd1-dc349e5847b0", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6779ebde-b9d8-57a2-9e49-6626d8391110", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:355b33af-d894-5794-8a7b-aef934fb8878", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:181e08b3-a707-5010-a13a-06c3134ffa40", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:64ce361d-4b49-5f04-b91c-80747181b45f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c214a5aa-7de9-55b4-b278-2ee58f0909c8", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9934ea3e-e225-5d87-a6a4-57dd5a8a2ca8", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f9b11cff-d2ef-590f-9c08-fe1383de1f3c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:53ac2cfb-539e-5a7a-bca9-4523421568f5", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:434890e2-2d5a-53b0-a64e-8b885ef3c955", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b40518d0-9122-52de-84a5-740d5d365546", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:457ac4cd-a9c1-5e46-993e-6262db003f65", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3a177279-ab47-5ce3-94fe-75e3571fda99", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2251a017-7909-5346-9273-5674698a8114", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d6dcbc01-7407-551b-a99a-9f0508458c71", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:522d3994-f734-54b3-827a-b11e115ed5e8", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9c6b317c-f6fb-5303-b305-294352b7dbd4", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:005a23a4-2ce4-572c-82db-9c9a58bad979", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:acad3e40-a7d8-5744-a20f-f32d655c5eca", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.11-tuxcare.5" } ] }