{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:05fc7438-909b-57d8-93fb-55178125ca07", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-websocket", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3cb6b574-0777-56e1-9627-a50b55beac19", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:871dc230-e8f5-5c29-acf2-ba791d135ed0", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce7decef-d4d1-5bdd-b4a7-c065b7424b5a", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42ca238f-41d4-59d4-8f6e-5840e121b55b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48b82eb7-7e72-58e0-86e5-81fda1f8e3f9", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c318954f-f0f3-58a7-bc30-7f20c62ec78e", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e71596fe-9dac-5d04-b1f4-2b387764257c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6409fc1-0b4b-59bc-9303-6806f36f8352", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a703fa37-18fb-57b0-9efe-a55654514318", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f778562-748d-53f3-8fd3-fb4fdd905dbd", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b1247a6-6524-5f58-abdf-0b73a9a4c097", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a075657a-312d-545b-b300-15cc71d55c86", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d329457c-18ed-5410-9733-23700944841d", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ddfe5285-7601-5330-a906-50142801e1c5", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d960a078-b275-57d9-a6d4-4ac7b10d1299", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b79bf44-a871-5edb-a95c-74f7573bb9ea", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31392feb-dcfa-5135-9f6a-15263a9779ce", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports-websocket 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:273d8b2b-d1a7-5ce7-b90c-bde65bce12d6", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbb5ef3e-1416-5019-9bd8-98e287b2a6f3", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f77d2daf-88b4-53e8-8eaa-9e72177a97aa", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9bba8e5d-da0b-5ca0-80ab-0d13709584dd", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ce9ee2b-5d0d-53e5-a89c-aa930011069c", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a03c41b-11f0-5f3d-98ef-b1a67a64b102", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2199b9a0-caa7-57c3-9ae3-877ca497d881", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5093841c-1402-5cda-a892-a3c287d17e57", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59babea0-4358-5bd0-a8af-af122cf60701", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-websocket 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93cd72f9-119a-55eb-a987-c2550f18fe22", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc36bb47-fd46-56ef-82a8-0f5f812204d6", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24947fd8-4415-53e9-b309-81d577647f45", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5c086433-a381-5fb2-bfbc-deacccc72597", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-websocket 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec9210a1-b45b-5472-aa74-3cffb20c6da2", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6cacea50-3c25-5008-aef7-78c79caf7495", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b324373-c710-5316-93bf-d2e51f94b74f", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0d41449b-245f-5ce6-a043-0e3df1795106", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.2" } ] }