{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:06783f6e-c42b-5b8e-b617-0ca357e6dada", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5f1f5880-cf41-57e3-9861-2852142b9a3b", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:322fd27f-55b0-51de-bf23-05886aa5106e", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1123b47-f304-583f-b388-4a136698dc28", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc74f51f-a825-5dad-8278-6c3b7a296dc4", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ded4d304-0e56-5e78-8154-d4792c8cd92c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06987ff6-ef3b-59f7-92ab-cfc8bd227914", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:54fabfcf-8b41-589a-ace4-f4eab9cb63c2", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bff1cf80-fed6-5296-a54c-bb5de1103405", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b208cf65-2957-54db-8569-fc30791fbbe0", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fd04d84-00b6-5051-9c8b-483e5755a456", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2aa9a9d-b98c-50a0-b643-7cbbc0efef9a", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:908e5310-5ffc-5a46-ae20-dce38cea3a47", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3679f40-b2b9-5a3a-870c-dfda85d2da24", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed6cd936-80fa-5cce-963e-baac4895dc9c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf2efb5f-c7f2-5b7b-9645-ecd0ff299c09", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d14d208-221d-5411-b88a-fe7e732f06fc", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03b858bb-140d-54dc-a826-43ad9b5d6c1a", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e151f846-31d3-5a47-8a39-91f2458aa87f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4a61190-71e7-5a13-ab6b-43714fb077ff", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac5d6dfc-33d8-5b5c-9277-d4e1bb5989c1", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e24ba8b6-bae8-598d-8e7b-16eaeb052d1b", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:97308c5c-14e1-578a-b93b-7ad3dd95af2d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec6e163a-1f66-5eda-b39c-3cfc91d1d5b5", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5b42bd1-7c31-51b3-b72d-5955798d0899", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24e04e6c-24fd-5024-81d8-a17ef1286504", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c5f348cf-b998-5cde-b8bd-96ea40dc5ee8", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc4fbbcf-799c-5b60-afaf-18cdc00ed8b3", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:adfca4fb-4026-5bca-b711-3e028af4c8ff", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:47ba4c24-55c5-570e-bdd7-a8d3c4eb08e1", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a357a0c-7568-51e6-91de-71b06f6b36d4", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:acbe5432-1ea5-5cb2-9cb6-aa7d59646e54", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fba4f268-f187-58ba-857f-00fc778ce65a", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:296efd63-7656-5fcd-bffc-58feedd62fe6", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:00414f4a-89f2-5c75-ad70-827f37d879aa", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-transports." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports@3.5.9.tuxcare.1" } ] }