{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:65340c05-af26-5a4f-82f4-b77ec1d9e48f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-jetty", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bd5ce6ba-842f-5e7a-a5c9-18f652a78f77", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:295c36f2-fe35-51ed-ac1c-3c4241c7c698", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bb11ac07-9a26-5441-8fa9-549f76092d4c", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eb39aac5-50db-5d1b-9bf9-e8371d7ea50e", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df232b26-df38-5c60-96a1-31e275e600ce", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4e1c3b4e-ec38-59e5-824c-6557b5649a2c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:713727e6-01f1-5e4f-af2c-cb6b3489547c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:029dad59-e3b3-5b6b-ae39-f0ff0aed60d5", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e879f5a-59ac-5709-bb5b-df2ad32d609e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:876c20a9-4993-57ee-b1cc-3201c0ae722f", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8927a329-d4da-55ad-bedd-51ff91467c83", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b7a29b4a-0dd1-5a04-a2f0-ea62b5caf111", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:18f284bc-2e19-5de9-8255-b9892131dc65", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26d7b314-26cd-50f2-9557-f2f2bee39c5f", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:84c7f4d0-09ad-552c-b150-ac48a1e78d0d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ecf18ecd-9e2c-530e-808e-41761872a368", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1384d4ca-9977-5501-818d-8ff09fc33315", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e49fb9b3-3c05-5fc8-b284-69f4cfe4c4ed", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9c2e326e-e007-5835-a74d-74a6b77205b1", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eb889ce2-151c-5f04-a895-2298814624ac", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c55418a8-e98d-55c5-bd6c-f1a0f6420bee", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a5c82cd4-6aae-5970-a117-c5896fdcd874", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:50dc7223-76bb-5987-88a9-a9d73ff8308b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:715010ca-8b34-55c2-98eb-e19640126186", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0e73a80d-9d9f-57b0-b5f0-e2c6427967b0", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d57b8f5a-a054-57fc-94a7-15af54368308", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-jetty 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:915022ea-711b-5105-8408-bbc37c1424f4", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9b6ebf66-4886-50e4-b749-8ef5d6184d45", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-http-jetty 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a2d4abe4-f4d4-56d2-a68c-6dbc1d916300", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a7bee5ee-a28c-5e8a-98e5-15a2f4c320d5", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-jetty 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b67981e-7ece-5ebc-b1b7-92c223f06c18", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a688840-cb25-54ea-a375-ea80503a29e3", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.4" } ] }