{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a02ae40d-b61c-555a-8665-3bac8f7056dd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-jetty", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:79626d3f-7843-5f1b-8643-540d13ab88f0", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0861bc3-b791-528a-927c-5b529f83237e", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:011e8628-415b-5ce1-8dc2-310cde516e30", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eef1f773-628f-5b62-a542-4bcc2cf9ed10", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:52575a96-d426-5278-a047-24f2432b238f", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c31e30de-976e-5fc1-bb87-a0281776b596", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06f150d4-7880-5028-a13c-22ec923ef18c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:404d10fc-b46d-507c-8284-2a013169fdee", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f35b840-bfe3-5095-9182-dbbcec581895", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1c88872-6a26-55a1-a48f-50bdfffdb126", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:264960d3-9677-57db-b7d5-10a93749dda3", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb428c9c-1559-5b43-a73c-fbf7d00a665e", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8857ef67-8aed-5220-9b85-8a5f6f0798af", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:742c76e1-3cb6-5bb6-b115-4b31d3bf01ae", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a862523-6a50-504e-ac38-913b5351747d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a71736a3-5924-54d0-a0c4-76b885bedaf8", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8a2ce5d-25fe-5784-9367-eac807bd78c0", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports-http-jetty 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34e9082e-d654-5503-881a-06bb2b1b6422", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1983f2cf-244a-5b50-a561-14c561ae2605", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:906ada95-e364-50b1-9046-abfff75a3ccb", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f3862d0-c878-5f4a-985c-3ce2c559d97f", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:128887d8-cd38-5838-9aac-f620e1959ccb", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1ad8cdd-0c11-537d-ae0d-fd0c7112d622", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95cc74bf-0041-5eb8-a700-e128c2457267", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2746fe6a-30ef-5e8c-a617-8c21ce73aac9", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c14097ce-cb25-5d98-b797-57b872e9cdd6", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-jetty 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d70426e-c2ed-51a8-bf1d-4c9421cd4bf1", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87aedb82-e1fc-59b8-9486-fb103c46845b", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a419540b-bdee-5711-a32e-e755a9b08c72", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74c8968d-1746-5e19-b1ff-f3910e0af34e", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-jetty 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7ed8dec-297d-5262-8635-d7e3dc23ec2d", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:429ecce7-8690-54b8-acc4-fb02f49175e5", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16da61a8-cea8-506d-b619-71f92d2bc104", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c363efe6-d2f6-55ec-b60a-a5d6c2f5334a", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.2" } ] }