{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7c5c31ea-22cd-520b-ad1c-49ac491e6f57", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-websocket", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0a687c3f-3c1d-5042-bf6f-9dc3bfa25295", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4abc6ca9-a6e8-593b-8618-3869e3ad73f7", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2344a72c-5ada-5b50-929e-9c11f2a80fdb", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:662c40de-dcb7-5268-9473-80ac46ec672d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0a60ce3-a55b-5228-9c09-7c169c4b0e63", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0f87fa92-92d8-5030-9964-225cfbd4436a", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b92e6478-a937-55c6-bb17-253cce8107db", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:98aa30ea-1b7e-5c6a-aec7-cb2c902f3ad3", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:69a02668-8854-5b6b-b2a5-36877e8dfe63", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a1fc0ba-8d5f-51eb-9f6a-4b163256bbd7", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4bdf2660-3315-5340-86ec-64b2fa383656", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1f77e421-952c-5045-8396-1607f2e38b77", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3823118d-1500-57f9-8e8a-9e4f6a35f0b2", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dad661cc-0520-5dc9-a0fe-e0d9bd51fec1", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5735c719-fb3f-5f7c-af0c-3e7b86365c54", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8933fe7a-b439-59df-9bc0-f971a608ef5f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:01cc769e-181b-5a8f-80f3-7df4ec32d29c", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports-websocket 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:800556f8-076b-5ec6-98db-e28869e7fcb8", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fdecfb19-5832-5bc5-a40a-44b75d6728ef", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:60b533d6-f026-5147-b6ae-349fed04a75b", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8ba8893a-8504-5e98-a1cb-e1b6b0ed31e7", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cb04ad71-1261-5306-9347-6225ac301aff", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:db7ceb4d-2092-5c82-995e-aa9d1d1c6d8a", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:87197c71-643d-576c-8da6-1454020834d7", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e719e3cf-ba41-557b-b307-fe9be9cada08", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9508cd92-8ac8-5e03-a853-b5537b940f53", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-websocket 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef8e7e9b-2947-5bda-b333-b0414c7eb97d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:387d1b4d-07aa-53da-a2f6-487bfc2fdfa2", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fb56ce58-84ca-53a9-9aff-a6b90c97294c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:522dc4db-247d-5170-8564-7cdf4fd0f6e4", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-websocket 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bf9efc45-af6d-5d8c-a1d8-bfed1d8f3212", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:46028346-1ef2-5ae2-9be8-4cb2c75891ef", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:828c1be6-13f2-551a-9f16-60c680b6ce5d", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5bae86ca-c72a-59b0-b574-20067b10a893", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports-websocket." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-websocket@3.5.9-tuxcare.4" } ] }