{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0e095c3e-2590-5e02-a330-cec1383ee083", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-undertow", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f8197ad3-4ace-56e9-8ff0-4aacebaf09e5", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:95453805-bded-5250-a743-54ce6a8186c8", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:be763209-7954-551e-9d19-2d393159e85d", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bc50e2ac-7bea-5919-b392-f3c915ed06da", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:39fa7919-12da-5aaa-a624-439449f6e1da", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aaf93a3a-0a08-5d58-8b9a-df3f9f04be82", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e28dda5a-ca6b-5b58-9e5d-e838ed44b42d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:247a6c0d-3f72-503c-b8a0-613bed036264", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:600453b4-5640-5d2e-8097-780224c83fda", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b2cc60a6-ced9-5944-853d-d16b7159994c", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d5ec6cd9-0fe5-5bab-b32c-76e2069db1ef", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:65b05d2f-bbcb-50e1-8fad-47ef830922af", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e6f4b511-8a6a-52a6-8beb-d5c066bed110", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a3bd3515-5bb6-59af-9bd8-2daea0e32237", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5229a347-d393-50ad-8619-15b72354c1f5", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5fafade8-d635-5bf8-9f07-33a22e44e917", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:00f435e6-7306-5b1c-a7a1-0fc3cbc11693", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f12dd77a-3483-5d9d-8a8d-b050590553b6", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:13195891-5ae2-51ba-91ee-6ba95b1ad316", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2e9af334-40c6-58b7-88b5-844ae14794ae", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ae9e0912-1789-50fc-a0f6-db5403689816", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8eafdaad-b933-5f99-bad5-4b4966f103ec", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:352d9ecd-a3d6-511f-ae61-90563e3dd0eb", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6b9ea932-c0e5-5086-92fa-93fed1e87f95", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:64de2da6-32c0-5947-b11c-740f5fa58192", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d95bd9c2-5799-5b2b-8cd5-39ca3c717e4a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-undertow 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9706ee07-720a-58a2-9034-eb5e64f3723a", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:10790661-970d-5415-ad15-e2eccecc4d40", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-http-undertow 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c5b47e69-99b9-545d-9e30-d7707dbcdc0d", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2abbf3f1-7e0a-5b0c-aa3b-5db2fbaa51a2", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-undertow 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d9126342-a3b6-54c4-9da8-c12e782e43b6", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:93664f6e-9cb4-51fb-aefb-5f90ca285d45", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.11-tuxcare.5" } ] }