{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9e56b013-7e63-520c-a697-c3a57c5f38a4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-websocket", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8514ed19-bdda-55a6-a755-8bd6b89e5047", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:091b8656-4560-5405-b638-ed06b2bf6dc9", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:952d1ec3-93c2-512b-84cf-5f350cb55ec3", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:68628707-352f-5be6-ae14-aabc8b837511", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9bdf89d7-ee8f-576c-af37-bf194df6cb78", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a0ef4228-bae1-5d98-88fd-9066645ad463", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:476f96a6-da2f-5bc9-b9c5-8dc68ba1768e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9b544d02-7bb1-5e50-a9d7-cd71ae1b15f8", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f3b98f4c-6b16-54f8-b131-ead570d27a11", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8b7ce416-10e3-51f6-97a8-c06ea29ca6da", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e81a92f8-4f56-5f92-8d39-90abb2d09879", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bacd37bc-91a9-5890-b4f2-196667e55457", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1df17cbb-1f9e-5f92-b887-612e458cadf2", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bdc56962-3fcc-5be9-a7db-5e5a52b2f2e6", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c245485e-c990-535b-b83a-07d0f7a5e26c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a2d529e-e6f6-50d8-af7f-f6c491f8f274", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e6dd6067-b644-5212-b7d5-4a7f48e9ee17", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1bd5e7e3-c5bb-5292-a1a8-187531741586", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6c127000-9f51-5ec9-8952-544093cbc974", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:34188acc-9f50-5452-b97e-3a1ef06f9a0e", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3875557b-0978-55fc-8492-4af63fc3e684", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e2a9037f-7d27-5be5-b18d-d04fd5b8d3d3", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e41ee74d-3309-5591-a159-396da60b540a", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c52672b0-ad27-59cd-9ed1-925dc7abb3fe", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5076639a-be76-5af1-b9b5-092ea32a0426", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c28201c5-baed-51d1-8973-d9d191766d15", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-websocket 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:97b57e6a-b5a9-505d-ae74-4109480a8130", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cace2a34-8bb9-5659-8c2f-7089281b7f0e", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports-websocket 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f4c06d24-1d54-5cbe-b8f6-082e22b35e7a", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:24bafb52-0c91-5ba9-9173-f67587182bea", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-websocket 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:70df0310-436e-5dd8-bda8-34ba3ce4a01d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:22b55957-7c2e-58c8-8b51-ce31953ce458", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.11-tuxcare.4" } ] }