{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e87ee084-757a-5627-8da1-9b4aed08cdb6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-transports-http-undertow", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f24ee484-4380-5d5d-999b-db034b2c59e3", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:08b67c5a-cd45-55e0-b04c-97b2496107a3", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9663092a-ad54-55bd-88b1-6d80fa646b0a", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fbe2759a-75a0-569b-98b6-b7a469e4e988", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:31a51e03-460b-56e3-9403-5244319df01d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1333ab32-b6a3-5bf8-af50-5d6569698123", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:087f26ce-7012-5b3b-bf08-f2729ceff998", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5ca34523-3462-5c6f-98cc-340d89626439", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bffd221d-9eb7-5ec8-b123-7e109007e1fb", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9582ed4d-26d8-524a-9076-8cfc6c4eadc3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0541d369-c911-5cb7-98b4-25719b9cc178", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:af06c5cb-04c2-57d5-a042-3167e50bb3c1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:27efc010-f074-5668-9be3-5afa0c2c57e9", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fa7136a8-f699-5117-88fa-c62061ba27cc", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ff5bf7b0-0b77-5e60-9ae4-f70ae78db8b2", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:61fd1ba0-48f9-5c4f-9e0e-7b2a09dfe61f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3f3fa0b9-ace2-5647-8d81-223f746d2adf", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-transports-http-undertow 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4ee5d759-22c0-5255-8f5d-3104ea1f38eb", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ccec7ea0-63a2-53e7-ad3a-995664852228", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f56da1f7-9bcb-5e3c-a4d4-143a3ff59010", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dab5fed5-0882-5dc9-ad71-1a9dab3b791b", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:73c1f357-5cd3-5819-9e16-80e3ca218ce8", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e66862c0-dac8-51cb-b654-3346a4e66e56", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:30fa83f6-4139-53a5-bbd0-7fb7b796b0b9", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0fe31ceb-2690-50d7-b144-cd54b50cd63e", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ec9a9ea2-df42-5c0a-9ab0-3850fde1f726", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-transports-http-undertow 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e5ac090d-1bed-5c69-ac46-26b48d69ff67", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dfb54e3b-3e7b-5bf0-a309-ba5e8454c1f3", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c9d5e2c6-d96b-5f0c-a9c5-abf22108cf1b", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:48baaba3-79f3-5f5c-aaf6-1590bd558978", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-transports-http-undertow 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b7cd1925-a4db-575e-ad27-6431180c99ac", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:819c0bad-e46c-566c-ae94-a566da93a13a", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0d715352-d7fc-5567-bcc1-68743b04f6db", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a37c0ab5-3c51-5380-974c-3a54cf51cdcf", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-transports-http-undertow." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-transports-http-undertow@3.5.9-tuxcare.5" } ] }