{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2d4c20ef-9958-5442-bc46-0169e24532cf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-hc5", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:195428f1-fd2e-521e-965f-2777f94f5240", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4674ba11-a29d-53a0-b31a-6205279bf363", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:904c6b13-4b92-5c09-a189-78721d996ff9", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5e7d63a0-ce5e-5f1b-af4d-8d447c6e1aa2", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f7713b9c-bc5d-52db-8f42-74d9f5ddaa68", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2ed5d9e0-beff-54bb-ac78-737c3d0e418a", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:66de50db-ccc6-5cf9-8c1f-09f9b7857f7a", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06c506b2-008b-536d-8eb3-c4b97c2ea517", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0e27b0cc-303f-541f-8ea2-be3b45f89b96", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cce4feff-df22-59f8-b141-a76d02518a12", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:701dff25-926a-524d-a360-1d9b867c5c8b", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a6b67e36-692e-55b4-8715-6f2ab2b05dd1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:50551369-d8a2-5a10-b0cd-ec75db12c778", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b747e07a-519a-589d-b7df-1763c55000f3", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:223a2d7b-c885-5dd9-8c4a-4f1f1faaaa3d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25a5dc6f-c9f9-5519-b7b8-71839a3610c4", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:650ae7a8-1f04-5c96-b350-c9e814120db5", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc5 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0bd4f429-008a-5dac-9688-ddd645d8019f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a87d3c7-30f2-59b7-82ff-73ec9cc21f7a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:15bd033a-938d-52ea-a2ae-d781780d0154", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:be13246c-2d12-5e48-94c3-715a1f2d9d57", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ab78103c-d0dd-57bd-bf8e-3c2faebfc65b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:96b768db-0319-5814-a775-0fbd05752a1b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:db3b31f5-64a4-57e9-bc6e-8f1c942c3efa", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a3356b65-4cbe-53b8-b1b1-8e34fe9d53d6", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9e54d75e-bffe-509f-afc3-67ed8633457e", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc5 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eabb3348-6b96-5107-806b-4cceb40ad59f", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2401c2ff-c567-51cb-95b2-8e4987307496", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3121ecad-30b9-515e-9cf8-5cabb1d9858e", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5bf3384d-a353-5fbd-9688-88fefcfe5058", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-hc5 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5b81e0c3-af8f-5367-ae00-5f0fdd7f516a", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a97294a5-9254-5b4a-bea5-f203deae6aaa", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d356473c-d859-5b18-9ebf-96072dd0b9b6", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:57e3f9f9-2b22-5ee6-bd48-12bbf9fa34aa", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-hc5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-hc5@3.5.9-tuxcare.4" } ] }