{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4665121b-c0f1-59fa-accb-021a0a1ecdc1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-websocket", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e234171b-f37e-5b52-9d95-bd9b29c38be4", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d567a2c5-c60d-5804-b04c-a67de282c80a", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b092e45-147d-5a82-868a-25ab63a7ed37", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:98d8cdc6-81b1-54c0-aa6c-a0586d12b05c", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:27151dbe-1b56-52eb-b140-18eed813070f", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b48be28d-6bb6-534d-a411-2bee2fb8b9a3", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:26ec7ca8-fb6c-5754-80c5-703e21212681", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2535b97-1f3f-5dde-abcf-b8f79c616e7f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce107492-75ef-5db0-bf0c-002168b01f6c", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a97853e2-77cc-5c35-a4dd-df8463cb83c2", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c08877da-894c-5fc4-9382-2fbbae05bdf7", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88627806-92f9-509f-9518-df225629cab3", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bc2e2265-5e6f-559f-b7ae-72e177ff4e45", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5f34bfa-e0ba-5c7f-8c19-170840aed166", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b2ebb096-2d09-52c4-8442-a1921a30977f", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04673fc2-f063-5613-afdf-75b8a0b13194", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0ad6d0fb-7e8e-543d-831a-98dccfb8814c", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:73e3ea49-1fa6-5398-9a9b-7a03ecd303a4", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54435e3e-c81f-5aee-a002-5dfee6755d59", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e92be65a-9076-5eef-8511-7bf4a53a879c", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0fd708c-e5a4-5b2b-acf3-cb00daff9b1c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:79206e0c-3a8e-50cd-ac47-64efb8eaed10", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:858d6ca1-6d75-5899-9260-1d5620726850", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dc2115ba-bc09-5d14-ba05-38b601f634df", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:411e4c66-fb1a-53d4-a9b0-f5d0e44a6864", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0716a486-f04f-5a8d-a60e-1442f447b4d3", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-websocket 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6cb1290e-d9ac-535a-b496-eaf073927c93", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:877969ce-9d40-520d-9755-fd0df5445b44", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-websocket 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20433a3a-b927-5a2f-a209-e03fe3c3c107", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a07200bc-411c-5ee7-8c22-ad1b036ab0ee", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-websocket 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:95910979-dae3-5c5b-ad6c-f9eba5101508", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54c163dc-5a11-5773-9573-370ee02d9a2a", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.3" } ] }