{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b2082f98-87a5-588e-9bff-16426aa918d3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf.karaf", "name": "cxf-karaf-commands", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9ec8bc58-3422-5bee-97da-5917f7c3b6b8", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:94bb2506-1a1e-5e29-a4e4-5b77d504eaa6", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:508828df-31d7-58fa-9026-94f8283d25c6", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c12ff074-617e-5677-b33b-0a49b861ea5a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f32716bd-bb93-55aa-9945-2376a3207dde", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5e7d8000-0cea-5b3e-8ff9-e580b63db0f2", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ffbaaa0d-3e90-58a7-8688-8413a2b31d77", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed3f7f26-9eec-5ec1-8028-22f5013df52f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:307dfd4b-f355-5c4d-a074-e834d422339c", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f8a7ad0-b5c6-589e-8388-7f4558f4e900", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25d1b9b7-e1b5-597c-b277-a97be196a791", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5ba8f8f1-c2bf-5395-9607-935d5f55994c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4213f1df-e1b0-5066-b560-9890c581b981", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4f3dc5c2-b972-5ce1-9075-4f468e4079a4", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3cc3d382-53c6-5de6-9fc5-08ac3d862339", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c1e1bc9b-07e8-5c85-bc0b-3512c30c8993", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:38048158-90b7-54e1-afb8-1364f005c8c6", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:58f6fd11-5b31-5a16-a8f8-b58bfe9efc53", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:adf3e33f-8b1e-551d-a01d-3386ccca5a96", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a19351b0-ac10-54ce-ab4f-57cfcaa70ca6", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:73836f78-7b98-5702-b3b2-a7e57ff62bdc", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2b9b410b-134d-587a-8387-aa912012fc85", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:357077bb-9c68-54f4-8c16-85ab7bccb7cf", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:155b1c0f-107f-5c48-bcc4-90f9c9f3ce17", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c090421f-eb45-5da2-969e-55385914751a", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e35390ca-b7b4-565e-9d35-fd4d17701c86", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.karaf:cxf-karaf-commands 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d5167a2-bb35-5bb7-8a7a-675d155ab0f4", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b384a0bd-2622-51b3-9813-b9226966bf3f", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.karaf:cxf-karaf-commands 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b0888c29-af8e-5e56-a460-cfb86d8ea43b", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cc52e1c9-90f4-5391-8a03-0c6399aec7bc", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.karaf:cxf-karaf-commands 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2b4bf2bb-f90e-58a1-89da-3c9c1720798d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b280c2fb-208d-51d9-8d59-3f48d6e18b99", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.4" } ] }