{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f2474aa0-d94c-5b67-bc04-a472336d4ba2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-undertow", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0055c9f9-0094-5bcc-bcc1-dbabc3e57400", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:54b62fda-6543-5da7-80d9-60cc283f657d", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:db768834-b1e5-5335-a55f-fe97395a590b", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:93078e64-d82c-5747-826d-3a628e3160ca", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d78d8e9d-2e9a-5b8b-a432-091236d17266", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d0ea23d3-fd3c-5768-a909-33fc6b7a8d27", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:514fe745-4333-5cf3-818c-804e0afea248", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d3cab2df-cde9-5656-aab6-03d24c63e700", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3a9c6957-0d52-5e20-98fa-f8d8ed762d8a", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:34ef7408-ea8f-552d-b5da-da958189ed65", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2d7d4abb-fd9f-5c80-82cd-801eb482a1ce", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f90c7f8d-946e-5dc8-a8bf-49d06036b7ec", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9b5947a4-0593-536b-8d25-535534a7a363", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26894d9a-33f1-5f69-8534-227122eb7211", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:54a9cc1e-e215-50ed-b53e-f72ee7950567", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1b33cdd2-e914-55f1-bf07-a5c7860b962d", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b562800f-4115-511a-bd4a-249ed0cfc9b1", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1d6c6478-82c0-5635-95ca-a2410a369e0c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c108c36-763b-5380-9b60-77fabf632f26", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7591566e-fe29-5293-b516-9802bdc87fb8", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f5342abf-2c99-5e5f-b2b2-d92f3e7a5e11", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:210374d6-7524-5934-b6e9-eb4870adf80b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c8b2a9b2-26bf-5a7a-8a8f-bbe53440e12d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7f3b6af1-9a34-5d7a-8a05-b8a37e6c9160", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e552abdc-ad66-5b76-b5e1-e1dee4c77e98", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1aac6303-2b80-52d0-af1e-fb70ba81aace", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-undertow 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d714db79-ee45-5033-b603-283ea3ee1bc3", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c44fcc8e-22cf-519b-9e7d-e30172bd4110", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-http-undertow 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a25f4f45-1d1c-598e-a69a-3a43f7f03ecf", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fb962b03-d512-5f62-ac69-075b1fe4e127", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-undertow 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ccbe99ca-86a5-5c47-93f7-cb3bfbb69629", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:60a52b51-c3fa-5b64-967e-7ded0c9057f4", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.4" } ] }