{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8e63b227-7dfd-53c5-b439-a4fc4fcca377", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-undertow", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:95e1b56d-9d5a-548a-b860-e584d52754c8", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:85142266-b1fc-5d3d-9120-e42e4c1c5263", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f102f0c3-9efd-5165-9a5e-21d05aec2086", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e283d73e-a742-50c3-82a9-f25d235df544", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f4522cc5-ff6a-59af-a224-2fd811e2124d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:29df4a48-0856-527a-a2c2-ceef194b5ec6", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7bbbe32d-14ae-5fba-b3bc-50289a488f93", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:053258ea-b6bc-5cfe-a07d-31bb90d6b8fc", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bef1317d-fd89-564a-b6ef-264dcdba076b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ab48261d-350d-5f0a-a252-43e0154fcb83", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d57ba0b0-69fc-513d-8cb6-5d835d299ffa", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:19a6fdbf-ade6-5e3b-a6e7-660ca2d001a2", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5e25b7d4-5ad0-5e91-9bae-a1ac07a39c47", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5e9fc489-5a47-5275-8a3c-cf261e26251e", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:27c02f2b-7f4c-54c7-bb66-ee358a7cba96", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07bf5af3-268b-58b0-bfc0-fe050725b334", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4dcf4c93-a08d-5087-b597-e697feee5ad9", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports-http-undertow 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c6c3c2ec-dba5-5bae-a52c-035e1306eb66", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:01095be8-5e5e-51ae-99ae-04a0190a65b6", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2240f1ab-00f7-50b5-8e05-751fdd476614", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f2df57a6-f40d-56df-9dc7-a1f02fca30bd", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4846fa0b-50c4-5345-9294-39e6b262c912", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4d93be83-82f6-5e95-bf4a-b333370bf7b2", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b60a295e-5ece-5eb4-bad8-370381d7d582", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6ed33780-4432-5172-8e54-f7f7fa8fa80a", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7769cb9f-66a1-5b9d-badf-7c6b160f65d6", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-undertow 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d8a8350c-cc02-5c9f-9960-095d3b2aaefb", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:113dd285-6dab-5d53-9f22-7dc1647cd644", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:964eb3df-227f-5f0c-a662-85e88aa0ec41", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3e61aace-d3d4-522e-8f5f-e84b69f2973b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-undertow 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0c12959-5e11-5bf3-b447-94acb2331eea", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:90bc4c7e-17e0-5320-a01d-45987bd732e9", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e1a7b5a6-8949-5740-9a06-5cc58ea2f9a3", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a3a7fe9d-1f90-5ccd-9c11-ef0f7b68631d", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.4" } ] }