{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:60186b49-9cd6-57b6-b37a-794e23e55c5c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:0f9fbf44-2b7e-545f-a61e-f0c93ef2ee68", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b28c46d5-cb27-54c7-8c69-631895874584", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:650a11c0-0b5c-519c-8338-1c871c3162d4", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:903454a5-c4ae-5ce8-ad66-2ca5217b0409", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c7cb5417-12a0-5104-978d-69fe2b3e35b0", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fe25ccb9-5dc6-55e1-88e6-c91c128da0fb", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9b99797f-7477-5805-9723-fcf288b4fbca", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8a50fc06-5aeb-54e9-9d87-6dc7c3c27d38", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e6026a6d-8901-5827-9d1b-002d4dd34f29", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b7117eff-2f92-51af-b623-f41361797f1d", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f694242a-070b-5aae-a692-4254f8694115", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:699cbed8-a175-534b-997f-acf274f06863", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d90c2b9c-6dc8-51e3-a716-ce6daaec286c", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a43d7807-1c01-5fe1-a4ca-e799418a249a", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0c5cf711-8a0d-518a-abc6-0fd499544796", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:59e3c76e-5d52-5426-acae-7427d76f4167", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d94c19bb-570f-5ed8-8cbe-31d463e662bc", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a8730379-d35b-57e2-af0c-8a486c8c0d9d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8f5ff460-e101-58a8-b61d-fe39d597f849", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:91d142b4-37f6-537d-9aeb-c7e9d9a2882c", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:59d1d1aa-e13b-5b3b-8734-f383c14e26a5", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:47ae06e4-63a5-568d-a9e1-f92ab2e863c4", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:448c8a3b-403d-5349-a5e4-1579fec075f5", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c576945b-8401-57bd-ab7b-04f12263f709", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:23700f33-ef02-5d73-b36f-1b6fa0df610c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:36aa0bc3-b781-5971-a347-1e387346f74b", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f700099d-b253-5884-9fc1-e9b623dd40f7", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b490a19d-e19f-5005-9c75-f732075c702e", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-transports 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:550e79b6-75c5-5898-be3e-c4af09e00ff2", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:368efd0e-5316-59c8-99e3-27f2976bba87", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:408ad01a-82d4-5310-8da5-e20e3da6cc0b", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:97f7fafa-4208-516b-b36f-009b04fbb435", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.11-tuxcare.5" } ] }