{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c26c95d5-a370-5274-b032-42950b159850", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-hc5", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ce5c080d-da63-50d8-9c89-3bb931a21036", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76f884c2-8e2c-596e-9525-8a824cfd14c0", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d91df75a-f926-512c-aa01-ce29e6496b5a", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96b922d3-265d-5e2b-a859-245eeb21c0f4", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:098ee847-886f-5be2-b87a-857a51d8629d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe3bdf56-6fb0-516f-9242-e7ba93b0c8cc", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71645841-a526-5043-a7f8-3326141fe0ec", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5f138407-ebee-5726-9163-b193a1f8e29f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:331a7380-a191-574c-8837-3d024e1f7c05", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:02b0dd7c-1364-5d59-92a3-ecfa986b9bd8", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:151204a1-ad02-5714-8011-784375d30a21", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1b95a32-82c0-59f5-ad0c-0753a353dfdd", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2602554c-a340-5dbf-a3b1-b0d309368d5a", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df023d08-2270-512e-8ff5-6664eb662da2", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd76b819-5002-50a5-a570-7a0c8a88af03", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:03147b1e-0184-5a79-8463-243b668bd701", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce0556e4-7770-5afb-ab00-18b1facff923", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:575a877a-4b44-5f25-b4fa-76fb1d623c3e", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a68a5301-f353-5388-b28f-e06e408ca858", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0fce401d-853c-52ed-bbad-f6280b67a896", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:306309e8-4c4b-58ff-945d-1111326b8d7f", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3dcecf11-c31b-546d-bd6f-54d75dbdb3b9", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2bc960cd-0f0b-5590-aa12-62280335351a", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b609abd9-013b-51a7-802e-f9f9fce4d7cf", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73889b77-88da-51c4-b5d0-167c130edb4d", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c1c6d246-0269-5dbe-8d5a-1bb3fa42f1d1", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc5 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d2654dd-51cb-5f6e-865c-68f2b8ae2deb", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7ebef83-23a1-5a10-b58a-fa145d877503", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc5 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67114452-7928-5843-93fe-f173fde4eb76", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d26d3757-880e-5202-822a-1ab2446a7dee", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc5 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8185a429-f5dd-5c10-a7cd-94fb9311ec32", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab397cd5-f249-5dcd-bd0e-b9fb11155890", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.2" } ] }