{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2a4e66d7-6444-5f04-8233-17918ba66262", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-jetty", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:952aab35-e25c-5b95-9c67-9c6ec6be5188", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4e9fc3aa-41e9-5c3c-9c98-5657f0b57ac8", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:022b33dc-4eb0-57e9-aa50-5a7a6a9996d7", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c7ac771d-0851-5e1d-8c13-62896abfa3fa", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0bbcac09-9fc5-5538-9bd1-b99c18c18f40", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:28983a48-79f7-594f-87a5-1d7d660ba730", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:934aac42-7aaa-5d80-8caa-1c483754024d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:88c15054-d24f-5de3-b089-2a40255e917d", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e3294db7-3029-5167-88b4-edde51b062e3", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d2c38eef-ebca-53a9-8675-5743a062821a", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:221eae17-b81b-5aba-bf6b-2f093d57aadd", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0985a96a-bf07-5a5c-8913-0433a1de8cf0", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dd5bbe1c-5ec0-566b-b8c1-066b6e926402", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fdc893d1-a51e-5032-9544-54944e1ee5f8", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d4e65538-d43f-5d1a-b256-dbaf46d042ba", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:403075b9-7634-59a3-91e9-9be5ebd5156c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8ad2d224-d7e6-52aa-9e67-155051587ae0", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cb7d6f38-a87f-5371-926e-45989f5c2899", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9fa40dfa-b4e5-5e98-a0fb-3acd872f5e13", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dfe83c03-964a-5ef0-a48e-3236eb101f9f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d336af4d-6083-5adb-9df0-20791c2e26e1", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4efc8997-5545-53e7-b210-cef981782ab6", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7fdaa068-7e6a-583e-a05f-83b503f04d8d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8d458488-150c-55db-ab4e-4255cd6f063a", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:04313c14-447a-5efa-a4ee-c19eb550a1df", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:09bff933-191d-534c-aa12-994e3f354214", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-jetty 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0d4729fb-d1d3-5555-b0ce-cb47e5878a8a", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d58e7846-9410-570d-b853-fa4662d29a7f", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-http-jetty 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:54f849d0-dcad-52ac-9d9f-350bfdcd1ae0", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1241cb40-1516-559f-b2b1-0dae3c6561e7", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-jetty 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3fb96a1e-f410-5090-afb8-aa9a700072cc", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a1b3a17f-98a8-508f-9bca-dc1bacc34123", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.11-tuxcare.5" } ] }