{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:be105c90-9d3c-5577-acfa-1e54c738eee7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf.karaf", "name": "karaf-parent", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:888b1dc6-73df-5a9e-9385-3ed30d619af2", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b49796cb-6b83-5901-9f76-1ac1f5be88db", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e2ff4830-16ba-5267-bcb6-68eb1dcd3ed6", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ec92b9cc-a31e-5d37-a868-594abae30a5d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4dde3448-0c3b-5a10-9f21-ae21a619f42a", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:21a80c86-03ef-5546-a067-6de7aeb48ce2", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:92e8a02b-4a3f-52a2-a568-605c4e97b04c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f6977b6a-d44d-536c-9410-b540e9776ff5", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0e248e19-bc27-5e1b-90cc-b3cf425359f0", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4d4543b1-5fb4-558f-b923-388d614c7f16", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f7da4707-89ad-5a67-a320-f5a721d9442a", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c15e0c98-5ecd-5738-b702-a8ea905f107a", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:809be987-767b-5266-b1fb-e45f86077a94", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4d19b2dd-05d3-566d-a07a-228de095fbba", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8e6333dc-89d4-5bc2-b607-2c378bb5d9a7", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1f5213cb-ec11-5475-b965-f3b73a044554", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f2a98aaf-1aac-5fd0-af54-2d182530da55", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2fc67ffa-2c4b-5971-8e41-56fc50d7062e", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:93f055e7-e9d6-530b-98ca-fba0f7af812b", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:832f33c7-9b56-5a23-955a-b19d549b5289", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:74f0fa21-d04c-5bec-85ec-f484efc398d2", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7d1c55a8-bb88-5908-9e97-72d9a2fd1536", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:667e57d0-4850-5860-9f77-77b3e679526d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f276ce0e-c587-5356-bdb9-34649ba53916", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:38c61ce4-b84a-5bbe-b203-eec7f2829458", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:02493bcb-5557-5fd3-91da-0993b5cc7816", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.karaf:karaf-parent 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1710acc9-5634-50d3-ae16-d042f04ef00f", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ca81caa-57a0-5857-b09e-24222e9e1f32", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.karaf:karaf-parent 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4446d636-5389-59ef-a60b-840db60ab2eb", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d94d8919-28a7-55f2-b188-26f1b1434aa4", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.karaf:karaf-parent 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6541cc92-0364-5789-bfa2-462f2a2327c8", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:00b4c5b4-0d7b-5fe5-b57a-f555c013bd72", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.4" } ] }