{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3fda1919-64a5-5192-bc72-a71a6d38dabc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-websocket", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:76587503-7c27-5ece-b039-be14a0bf859e", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c6278e4-2e21-5523-839b-7146fdcf5be1", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6984cb6-8b95-563e-91d5-a4a3d19464c4", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a84ee3b-94f0-5c38-a541-3f2237739104", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ee3f5e2-c8eb-53fd-b82a-d4c04d6e935a", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6bc1dff1-7472-570e-a50f-26d0422a25a2", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e4e889e-e2b8-5d2b-84ae-55b778def5ec", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48c936ef-235c-51ac-a89a-83019daf91ea", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7eaa113-d0f6-58a2-8768-d9597804c7e9", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59e288a6-c788-5c93-a4a0-4122eeca9ac7", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7fc311d4-d9ae-557f-9a6f-c3893f512fef", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53cbf033-8eb3-5206-85f6-cb0e2a4d1379", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5888a4f-5968-5951-b1bb-47a751fd5d7d", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f331799d-f242-576a-a448-2d4439641b3b", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:084cf6bb-15d3-5910-a0ed-441f308fbe90", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b489d361-b9df-561b-9243-c3199caebb59", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b6dff64a-c34a-5d19-bbcc-fb12690201f7", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9c5123e-817e-5413-8e28-fe067f73eb9d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4953e1da-d61c-52c0-81b2-acc136232122", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a37efcae-1847-5bfb-9def-42d8cbe8a1dc", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5dcd096b-d8b9-5327-9f54-1adce1ed4d44", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71ee24fc-63f2-549d-ae1b-8c7493f3eb05", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b813044-35c3-5839-92f3-5cd9822e0d1b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f63f9f2-7c73-5cdb-b9fd-49780b452be8", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf2d6710-9253-5714-b9d4-f362c3537260", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1391640a-1ac0-5f23-80eb-9322c2400651", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-websocket 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66cc60d5-c804-59f2-9888-cd29f51578ba", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14df8800-51c8-5f56-b7e9-6d2f7e50eeba", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-websocket 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:311254ba-c8bf-531e-8b51-a1d869ebe9fc", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ff52714-b112-573f-9241-70598f041282", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-websocket 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6004c683-2abb-5c22-ba92-358521a89479", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b985813-46ea-5978-842d-af611401df8a", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.2" } ] }