{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:aa5e8a3e-63fe-5441-8a9a-4af78ce53cf3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8ae77d5d-4700-5c16-9a5e-1dd14312b1a5", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a9b37c0-332b-5023-ac03-2c1a1a9f1995", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:147f4280-94c8-5772-afc9-4fc63c59f9c7", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a988d6d5-1fa0-513f-b63e-01cbfe825039", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb3e3ca3-dad5-523d-8cca-012c89c1ad6d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0ed67c0-a247-59b4-83d4-30a89576445d", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a991215e-bc89-5cd4-8682-5d2bef651c70", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6afecacc-200b-591e-a59c-0a49ad236799", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8953e39b-8774-570b-a91d-a3c5f5457570", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ff047fd-bd4d-5505-9ed5-ade8d6844402", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aca8e9be-a8ad-55c8-aa52-108e9e7da213", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21588bd5-5129-5357-9006-5b495eca396c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a8e8f41a-77e3-5882-88c2-6828326c6fe5", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b2608ca-63e1-5d9b-9058-11059c3d7d88", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3d65096-609d-5359-b38f-ef2f1081f2fd", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:48ea4b39-2cb7-5352-9a73-eefdecf4cfb0", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5bb2e300-6535-56b6-ac17-147b262b7aae", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5699cf12-30d8-5aff-9def-5266c3ad20b7", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:221c70b6-789c-5d3e-abbb-585ba8109273", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:350d38c0-ecc8-5d39-b50f-93eb6ea3456d", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76578527-11c5-5675-b378-2f0376e635d9", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12e7e24d-0a83-580f-924f-f6c666128737", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:957e7b53-f3eb-5699-a716-5f72b70a007b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2600214e-91d7-5fd6-bd23-fd2a3f852e1d", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b05eef2-10ec-5076-836d-f12e46a84e30", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8fab242-d004-53c5-b48b-83a7291d5582", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b09b10f5-10c4-51db-b20e-6c665405a69d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68e4a488-a35d-52ed-afdc-dcd6268bf40f", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-http 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b26b4fc-3c77-5a54-8b11-9b0b997c240b", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9508e205-77d8-52b8-9070-318fce906fd2", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7c1f819-5da2-55ed-8193-ab6979328929", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:44b03a5e-ec93-5b20-aa23-bb80c2bc080d", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-transports-http." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http@3.5.11-tuxcare.1" } ] }