{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e8fba358-91f9-5d1d-9dcd-636cd5243ce5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-hc5", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d2f07ad5-6821-5134-8dee-a5b4d454079b", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1d1b3db6-14ac-5b00-97f6-3480d454e5f6", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:393e482c-302a-548c-a91e-e108f7ecb982", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ee6d45f-5917-55c1-83b4-a9c1feb051be", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3278443d-b9da-501d-89a1-42b237415857", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2c1b2090-2a56-538c-af90-b9fd09f38390", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8bbeef81-d031-5f57-a402-65b82e7d6cf2", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:562a201c-7681-5efa-9c0d-ee117f2bc66e", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3344c9e1-298a-563a-9792-044ace504cf5", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0483ba31-9178-5253-9157-6b60ccfe9439", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2daec9cc-75d4-5682-bde8-f7318295abb2", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d3fdd4b5-8c9c-5550-99ed-65b19b3f3cad", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1d3e9124-8769-556a-80c0-33c33577af31", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2072650b-334c-5f4a-a334-ba4fbf99da64", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:16e76065-18bd-5e52-9d2f-9fd980283262", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:df3b00a8-854d-53fc-b4ca-bde49f7fdcb5", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d197703f-ef3d-5208-8c91-c3765d59adbb", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e51e6561-b962-5426-8efd-b13cc8e2cccb", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:02d7bb92-b166-518e-bf52-85822a94c77e", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:27010648-fb86-576d-8280-14f695f082a2", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b4bb0a1-bd1f-53b4-a3bd-cc092f60a23d", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fcef262f-c357-550d-ab1a-10cec2150cc5", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:995b6d0c-8ed0-5988-89b8-115da5782ab4", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e474a1d-4644-53b1-a4ef-dd51283fabc8", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e82d59e1-2b35-502b-a109-74e31d23f9d5", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4cf98f83-91f7-5ca1-9a38-5f80748d912f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc5 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56affded-77c9-58b7-9a38-21fe3dabde09", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f3429c81-405d-531c-bc85-e1a5e8291588", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc5 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f96c888e-1d01-58db-8f2d-01982338d70a", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1a56d63-dd45-5525-8f4d-1781844e3182", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc5 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:893c9284-fb0b-545b-823a-bb60694e4f9b", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7c36da1b-ca90-5382-8e8f-8dd1b751ee62", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.3" } ] }