{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:11693545-8f02-5108-b3c6-fce476c00045", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-hc5", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:acd83e8e-85dc-51f4-a146-10a808d90948", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b1d33a5c-7fdc-5552-ae75-a2473a6b2c5c", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b6e4ac88-7830-5dc8-b365-e370d6e07390", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df68b74b-ba78-58c9-8917-6014419fa255", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:166f02a5-9b37-58c2-97e3-aa9c583cbb0e", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0992012f-7fe2-5c35-b4cc-cf5e613be87c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:52cc480a-1a8f-580f-a9b1-7a0b919c43a6", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fb6994b5-2bc3-53ac-8b3a-84adcfb5993e", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a73ae9a0-bc07-5253-8e42-384aefe76f5f", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e3159554-baf4-54ab-ad00-59a8e17ee1d2", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:31e7649e-d129-5f75-9539-46d7f0ecab59", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:da85a94b-c52c-5c64-a661-4016e6f3b505", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e65f4aa3-53fe-50ce-b1c5-4e11f898a32b", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d2474dcd-75ae-526b-92dc-5b604ac9a447", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:43a4de45-de3c-5979-9432-5ccc731702cd", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91d7cbbb-f6f9-5cde-a1aa-184cc93fbaf6", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32aee01b-0db5-5cb8-802c-ae5a43f32345", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a6dd1f1f-5bff-5174-a2b8-0248a8f8e7f4", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ccf3a8d5-bdee-592a-92a7-26670c0f6140", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5f44ce3e-ba1d-5a13-8879-dfa35b11aad0", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:266b3120-a977-544c-a319-70fbae4e5733", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fba6f897-6a5a-5bf4-861d-ac4df1841644", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0976e594-93ad-5843-864b-a90cc50211e1", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:798afa6d-c7a8-595d-97ef-c97f78acc88e", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8f439d6d-f87a-572c-be36-584c062b9fd8", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:31b5cbd5-62d8-5e49-8703-6a9985d336b5", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc5 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:992428d3-0e0f-5d6c-b92f-30f709eec38a", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:860ad6c2-019a-55f2-8ccd-9455d094d2fd", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc5 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07e4c93d-0ae3-58af-b4e2-e2b9d8216138", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:be55b25e-3c30-55f2-a3ae-fd7038306d3c", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc5 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d0e698f-10cd-5e45-98e4-ec9b15a9ffd6", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5590fbcf-10e1-5758-a206-e180044c4c99", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.11-tuxcare.4" } ] }