{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4f16b6dc-0cbd-59fb-a0c2-fd7797bd4389", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-undertow", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7ab32d44-fb36-5ac9-a551-f933ca6f972f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d5fbd638-3a79-57d2-960c-9b702dd704ea", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1315d1b-1867-5cfe-b24b-795e8e52e85e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00bf5a17-f29c-5094-bb09-0775d730cd33", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0dea849a-1081-5317-a5ec-75b3ae9af060", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79c4df0a-baee-54fb-9554-387dcba8c65c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de281d27-fb4c-502f-b92a-f64ed19d308a", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f0a6d58-1260-5878-9022-6e80740476ef", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:766b4457-62cf-5644-802d-f596e7c6055b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:437f011c-c221-51d4-8cbe-5d70b4c5eaaf", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:921fec4a-a9d1-5d99-bae5-d8ca632ed25e", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9b6bbb2-7aa1-54fb-8ab1-8760b05a88d1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0074a2dc-5e6f-5491-a53f-ed4ea2b1b881", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3f50160-c71b-5e9c-9b7e-125d39a2ca9a", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db5d2055-e8d4-5e4b-8194-905a548cba3b", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:92f054d5-04cc-591c-b0c1-d8e3e00dcedf", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d7c46ca-71a7-5af9-b9ee-45de692c0986", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports-http-undertow 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:50b8fc0f-b3b9-5bb9-adf9-4146f94fae16", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06630094-b485-5f1b-ad7e-4774b8c8f913", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c763ef30-a3ea-5cdc-b086-00d8266371f0", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16f89669-dbb0-57b6-9d61-e07e640f7e7f", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a5daacb-1e98-5aec-9c7d-e2019b747721", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8561e05e-d49f-5c62-9e3e-9721c7361448", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:58a47e3c-bdf9-5558-b97c-6cd43e03180a", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8b5fb9f-ba12-5289-953c-614b85926ecb", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be929d7c-5b3b-5d85-b0e7-6499f0075d0c", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-undertow 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4858578e-8cae-598d-b72a-6e79374f8cc2", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e0304e6-96a6-5995-b10f-ca8ad7514673", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a920ece4-1112-5f36-83d1-67f14ca7fb87", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8446df74-1b0a-5414-bc95-0a3641c06d66", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-undertow 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5892c9db-30f4-59d1-826b-bf5f26d86edf", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05c74a4e-e987-57a1-aa4d-0cfa5d4236ca", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d53781cd-8127-5759-bae2-e15f245ed58d", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3679f6aa-e066-502d-833d-8a0a36a28dff", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.2" } ] }