{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:98f3453e-3de2-5b12-a615-ef17f3a26b71", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ff9e8078-a3b5-55b6-9235-48971ab9a51a", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:276c8b9a-990f-5d33-b711-9e9b84fb4130", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75eb214a-19c8-55cf-b9d7-ef93e586fb4a", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5466b789-34cb-590d-a24e-1057a2f42858", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b64b06b8-8bb8-5a17-bf30-aa9046bb31ef", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f1f10ad-682d-57ef-9006-063b38d18dc7", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1dac81a6-b672-58ee-9f97-a7723d32d978", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fdbb9ce2-b3e5-544e-b71a-675d112ff06e", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd852248-9b7f-54ad-81b1-d9fc5f61f144", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53a8ba02-d211-5c1b-babf-5b728972a669", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0549df5d-2b56-5e12-8e51-d743939e22ec", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f9dc06b-cb7b-50d7-990d-ff4dc4036028", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0321e439-f69c-52b2-8b93-b511abffe099", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59ec731b-0744-50ae-b8f7-d3ab2d369980", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:442d5c58-a1e9-57cf-8cf8-3a3272fee332", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca1f1406-af50-5b28-a5fc-000228a16454", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0cbe4aca-e1ca-5ef4-9696-fbe519aef078", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8bd8b017-a2f0-5ef7-8830-feb23648d6b1", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3bc680d-cfba-5665-906a-defd75448a9f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da02fa56-a180-5866-91b7-21bb786ebc0a", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e45d796-f976-51bd-b525-19f07724848c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d0edcd89-b250-56d8-a60d-2a570c933f79", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38e1b44c-637d-5cba-bbb2-d0cce421d95c", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1af595cb-21c3-5b3a-be85-3cdda47f61be", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4fdba5d5-d047-5ff8-a1df-d473850a69d9", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:54424f68-7abb-5e84-a872-7c50c97bbb5b", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9c6e520-7be2-5e15-9d4f-064ab953bc8e", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d331b432-cbe7-58f1-95ed-9dde6d24d707", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:30f1b2ee-a2f8-5e1c-af84-5adddb845ea0", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3029039-fcf1-5196-aa28-5a004a6d33b6", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d1c670c-4c30-586a-bf18-12ce57d37211", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34483034-53a4-5d45-a7ed-a72f743fe1ae", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.2" } ] }