{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:402658fe-38ee-569f-baaf-7697899fe702", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-jetty", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4c2375d7-8a47-5677-9c3d-ccde9bfc3ce4", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5243a004-005f-51d3-b6bc-fdbc60cf6784", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a5c4c2c1-6d8e-50e4-99bf-dd29a125f62e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d1e3b4ee-57c5-5573-aa6b-ac974644173b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:49950933-8344-591f-acc8-1a0a0f747a50", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:660c3efa-a6f0-5c02-8e7b-42841f41f5b0", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7fb6d0ce-43a6-534d-a88d-f4abe4e2d4bb", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:648f1494-ff90-5fed-b539-68c8201204f1", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d87dab21-6a9b-57b9-9f64-421da63c6ec8", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6534d882-5884-57f1-874f-bba17c7d4c94", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b0a2ab34-6a36-5a58-90a1-414f766cf0bb", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9f1d5c76-ffcf-538a-86ea-de24f4e25b3d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5bfa18f9-faa2-5cc8-931e-23c5ab74f8c6", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:afafa4a4-1dcd-5452-9757-c5dba8b32d5c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:20a49739-3857-54b1-805c-ea25bc3b0e22", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ecc3f63-bc6e-5116-aa2c-ade7c975efdb", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:407f9d88-f84e-5e7a-9e0f-19d8eeb2700c", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports-http-jetty 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8f74f3a2-344c-5369-b244-d60681a3a598", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ffca630-5531-51f2-8f9b-f6a54a8bd3e0", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f6ec2ff-728f-51eb-8d12-0e00ed89bd22", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2099117a-a5fd-5a19-8b65-5508a4e64690", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:77914fae-4aaf-5c48-97a5-a2a9cdbe88bd", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fa9693e2-bea7-546d-a29a-46575b041ee0", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:581013a7-1e10-5b28-a14b-ed23040396b8", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e101835e-d582-510b-af14-cff2c3e6eed3", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:871c5c50-1fe5-567b-b7ac-a74fea6c6559", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-jetty 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b621ac46-429c-5e36-a291-b5b9c4216a0c", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8fd4d803-1b54-533c-9bb7-6e322132adc1", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ae422659-ae50-5da9-8ae5-a5039cc1d24b", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:54477bbd-990f-50ff-ad68-84876d023171", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-jetty 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5480d44c-67f8-5a63-b33b-5e2313c7bacc", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9866b8fa-551c-5d6e-a32d-5fc91c171377", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:800425ea-3fb3-5f49-9743-ed90c2e20d1f", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3cd69686-78bc-52e8-ad8f-1f2c3330e152", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-jetty." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-jetty@3.5.9-tuxcare.4" } ] }