{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fe323662-fc74-5c79-add8-fd1b9724d61e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf.karaf", "name": "karaf-parent", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:18bae677-facd-58ab-b53f-f3671f34952b", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:88e6c466-f622-5108-a7e5-35c7e2827756", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:86bad52b-e715-5a7e-b4f1-179da8f7b0f9", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:93c207d7-b37f-523f-8553-f84951d9fa3d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:da8bbc96-0b6f-5384-b2b1-a6dd470ebe8f", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9a7fc38f-a2f5-53ee-8e76-a633c7a19cc9", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:333c4e31-8de7-5b57-959a-af2bc7c94ede", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4be145b4-3ffd-54f7-a954-090f68e3c756", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8a7383bc-d005-5792-aea4-ac8a9c08e1eb", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2189ff4d-a30a-5b0d-8dea-c31e7af7b3be", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e0d73521-e9e9-5856-90a6-1272990119eb", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6601d2ce-df96-5545-afac-c1e97d598c57", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:415421a8-8fbd-55c2-a764-c8c3aa8844be", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1d9b496d-00cf-5d94-a611-e6d09b528425", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:93e151ac-b66b-58c9-b86d-391a8547c381", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9024b067-7f38-5365-b7da-20e7a148ed40", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f5c06aa6-1ef4-5c94-9590-892c8a2c0c15", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6515a0dd-aa28-57c8-a1bb-9e84c2e8378c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d5e1f5da-3a68-510e-a905-c9ca7d56b87b", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d9dd435b-0a11-5e81-b198-f319a9469f65", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:004c6a88-550c-5e29-b204-d143777e797c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2ca8d8da-aaaf-51d5-b510-603590a612f7", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:76e5fe1b-5cae-5d3e-89c2-ca5be172a831", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8c624d11-6c07-55ed-ba13-1f42194561b7", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8cb1ba49-e06d-5f65-b063-9943e6e9de64", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0b06a0c9-25bb-5ac3-8830-8c6bb6d80a26", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.karaf:karaf-parent 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7edc76a7-49f3-571c-bf84-52ca31f4feb8", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:470caee8-d1be-534d-ab30-a0f6b532e8cc", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.karaf:karaf-parent 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:64904aef-601e-55c2-94d5-8714105fcee0", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7b5b34be-e156-5261-8f6c-fc70610918c5", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.karaf:karaf-parent 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7f111231-3b71-50cb-9d38-3d42cd5cc1ba", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e3f7de7a-6503-54e6-8e1b-c592faad5220", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf.karaf:karaf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.karaf/karaf-parent@3.5.11-tuxcare.5" } ] }