{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:76838d5c-987e-54a9-8850-fb3092c6c43e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-hc", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2bb8ed4e-0f2c-58f5-929b-eaddb5295014", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f6764fb-2639-5ace-9683-b6588164eff5", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6d5312a2-08f5-5e67-ad9b-a902f78fa0b9", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0134f57-4943-51ff-83e4-0ae50204e246", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5310736-2fa2-59fc-aafe-63c45a76b764", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16c95866-d342-5344-935d-9870f06199e8", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31898060-a02e-50b2-9b86-8fd2156e59f9", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ddafdbaa-2c77-5cdd-a749-5ec8eb8c6014", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b074fd41-6489-5d90-a85a-017b342861fa", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3d0520f-ef0b-5792-8570-d47701562f4c", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea5ddee4-cd85-531d-b442-b2470823fba4", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2fe12528-ac48-5d1b-9297-ed85a0930cbd", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e1ca620-ddc0-5913-b100-d74e1785880a", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84c01332-d2ce-5c74-b86a-9ce97a4bc30e", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e31e5ad-de1e-5deb-a731-f2ff7d9e71c5", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec222a4e-45be-552c-bc92-e2157ced8c60", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87514cd6-073f-54de-a7e8-1629fbd780c2", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ceff1f0d-d4bb-5fbe-9454-9da850a8a3c8", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b07ec5f3-64d9-5c89-87de-f036abd9d1d1", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33da9830-e524-538c-b551-280d49cf94d2", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:afee90f0-5354-5f9b-a650-51b94ede27d5", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec3979bc-78f1-55dd-b218-d047a2c69d04", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39ed7c6e-2b11-5653-99dd-2e3f9ed5c067", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a259deb9-02b1-5902-ad28-b93cefd8fd2c", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa8dbe5c-13c7-5225-846e-771e714a321e", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a5a2c26-2895-569a-b81b-4672f436b6b8", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d752fa9-2f7a-5ea9-9656-851f52607b72", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d8e281e-86f3-51b6-8e86-4296466244ed", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ccea0192-fc8b-5de9-a622-0d7bf183613d", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2052e1e-8c9b-54e0-8c2f-dbcc99c8d3d8", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ccf159f-6aa3-5271-a409-52dc9b9cf7c2", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64f62160-f195-528d-9a62-89d33ff556c1", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dfef7ca8-4e0f-562e-a0b6-9ff66f22eaae", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f3f8692-5deb-551d-8792-11a04e5236c8", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc@3.5.9-tuxcare.2" } ] }