{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ee5d898b-f522-5478-91b3-561ee59a4c17", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5ee877d2-9cfe-5bc0-bb4d-43a0229c5951", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7cf3813f-28ee-5c0d-9c1f-c6c6f5edcaa5", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:495e2716-5023-5d57-9853-8686a85782ad", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c394c035-00f9-5d29-a9e4-13fc00b975ff", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cd2d26f9-fb2a-5a0f-b655-cc383a30d0d9", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3c7ba58b-d881-5f39-a2f5-e68a8705d8db", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:72dec7d5-d0ce-5e07-9b78-288417025f23", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0eb2a792-6cf7-5d2d-b4e6-2e77660bef9f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dd90acb7-596d-5fd3-b3ab-791c4179d6bd", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1a4816c4-6b6b-5502-b54d-181b515b57b6", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:161fc265-6db1-53ce-b43d-71a8d737273c", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a8bc592a-2abb-5e88-af96-33f0a25c4efa", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:549d1ca8-3bdd-5f46-b3b5-c582c28b8c94", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9785ce4-98bd-5d5c-92c5-ab6c871f002c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:972fcefc-853c-5db0-bc0a-29402d743ab1", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a1524280-3cb2-53dd-8409-74f7710584dc", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac4ea777-f2da-5c28-b099-7f3ed4e14b1f", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b02f14a3-dbb1-518c-b830-b0637468d4e7", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:88fe55b9-a5ae-57d1-9598-1d2e1eb9b684", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:29c5027b-7e1d-567b-9adf-83d53a50d0e1", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d8449d09-e3ce-5e48-840c-8ff9067baf59", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6d560024-f0e1-56aa-991c-4ea6add07c9d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a49020c0-7336-5415-9c67-c2e656c84ef7", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bdd8bb65-c077-5c40-8c43-6ca1edc321a1", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:90f3422e-2ed5-5e2a-b0ab-2bc1898b7a94", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:74e47b99-d552-5f1b-956e-805ea078ac51", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07d4eaf9-30b8-5746-a377-ca59cb8da29e", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9f9e092b-bfb7-51e0-9095-1ee4695ffb26", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c9c98049-5bc7-562a-a46d-75016c871869", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5ee93f52-08ec-509a-af78-16c37b026189", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:73f29b27-26c8-5d3e-8920-e393f2ebeb30", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c0b84b4-d58e-579d-9049-16ac9b3404fc", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e2796c42-5a6c-5a31-87e7-6e046b207bd2", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f3bc597-13d5-5a0d-a11c-7efb082cf320", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9-tuxcare.4" } ] }