{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c977bd45-fc3e-5fc4-a4c2-d24295430a93", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-rs-http-sci", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6ed3ef2e-555b-5d50-b958-e9c1f4def941", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8a5bdf06-3015-50a6-84bd-9450147c41d3", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:98c6b8e3-db83-5619-9c64-4023a2ae5723", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c371ddb3-8d76-540c-9233-47fde0a6d884", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7c647422-dcd0-5e66-b379-dd5407317238", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e59f8d5c-dce1-5926-8752-03b6a7074792", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d707e357-1f58-55a1-8cdf-bf5990d538fd", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fbfb0511-6695-5896-b667-b3895bcf6806", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b822cfd4-8de5-5421-899f-99ce01fbe74b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a0330ae6-b887-592b-a679-f0f31f1e2db5", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6ded32fd-87f3-5d30-a69a-2916b28cd225", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:68120e87-ddf7-55b8-b166-c86ce762866c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6b84e2b9-aef0-5e10-b7ba-dfc0b5c13fb7", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:46e1817e-49bb-5843-a450-eeb9c292a95f", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d0231981-18a6-5663-937d-92927e3af741", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c487398f-70f2-5fb8-a167-9eff075a449a", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f1ff39df-e230-5403-a770-751abbf1b96a", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-rs-http-sci 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bbfbd7fa-9267-5f97-8c69-4611e5cc3cfe", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0e251712-e73c-50a4-824f-5368114d38a5", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3f00d9de-087d-5049-9803-16112d60927f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1ec7c3fa-d362-5a90-a662-e345eecb392a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:25e44c19-612a-5d1a-beff-369376ae07e2", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d6f58e2e-5773-5002-8cad-7bc360431661", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:34bbc3e6-cc83-54b0-a0ac-cb2a79a2db27", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8267618d-51e5-5d53-ac96-eee7e74755cb", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6c60b4ef-2844-5648-838c-9ef8e12d1415", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-rs-http-sci 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6c7e9242-5d4a-5041-99a6-4b46ba40facd", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ef8d6b1e-b8c9-5a65-b393-c4084c21ffc7", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5bb74bd9-5509-532a-b9bc-e28314270c95", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cc6ae907-7609-5591-965e-b3aca5478562", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-rs-http-sci 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:91c26aa0-e276-5ee1-8de9-ee5bca90fd9d", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:73803af9-8ead-5392-9866-42fa488de539", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:242823ab-e42a-5d24-af5f-f6abef684639", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:49b67fc9-1088-5e4c-aa2e-0198dbb59f5d", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-rs-http-sci." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-rs-http-sci@3.5.9-tuxcare.5" } ] }