{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ab66db1a-5c4b-5a05-84f8-b67172bcc8ef", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-local", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5e9b2d78-3eec-5b6b-9846-e40bfbeb1f9a", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d9bc1b24-a891-52c7-b3f6-a29c3a86a04b", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0dbd5fcb-bb8a-588d-824e-94cba6ef7977", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:af72bb27-8614-5b52-8a91-0f4a0de57493", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17f578e9-dbe3-50ac-8136-0384612dd436", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:57dcb301-471a-5218-b654-a97c57ee7d12", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29ca40a9-113d-5d78-8d71-a41ba2834028", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68ce3631-7a84-57a2-8685-76e2d6034fda", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e208c3bb-fd77-5c14-9bab-85f014ca7ab4", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:581da2fa-c4df-55e9-8d61-2aa9c55ee1ca", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00be3b07-d535-5401-a6af-d8e9e13d00f9", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f7916cd8-4199-5e43-927a-10b02baac849", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ab78423-9aa6-50ec-8cfe-0ee1a2075247", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11880784-6d79-5333-ac8f-e73e04875d6f", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8518a271-cadf-5b35-bf74-116870bf26e9", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d464af6d-133e-58ee-a483-1123d65d21b2", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:796e0f55-cb56-5291-a69f-453861986edb", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports-local 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:333d423d-dc8f-5bb0-bb3b-df88160450a4", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35312139-0617-5d30-a165-dbe74b8f4e72", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4436c585-8c12-5052-a4cf-6319b46e418f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd21ec69-d446-5541-ba3d-8f7bb6b94834", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ecc73e58-9d3b-59f6-a82e-c29c55093b42", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e37fc652-3085-5699-bc0b-af7831f78f22", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:389d04f8-b97f-53a2-adfe-e9455ca3aea2", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72647061-caf0-52a4-9a8a-7e88bb919680", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b3099b2-f8a9-5128-bf3b-07629ca52a48", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-local 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8af5c508-05a8-5c7d-9bd4-12b5ec12a6b2", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78553266-72e8-5929-abfc-8929db509367", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da67fa6c-ead0-5773-92bd-9f5acda09216", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d8200199-6cc3-598b-84f5-892d2f32e8d3", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-local 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a82a32b5-04cc-52b1-90c7-fe8fd1b91dec", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e07207c-c965-5b88-8869-c825d0d0f431", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:075467fe-2007-5d77-b77b-28d9b5933530", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70276027-6279-57c1-bd73-9b7ed3aed521", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports-local." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-local@3.5.9.tuxcare.1" } ] }