{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9c34e317-a224-5691-85e3-10b2a2a64ef3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf.osgi.itests", "name": "org.apache.cxf.osgi.itests-felix", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:75f767dd-6a0e-5007-b2f7-27391f9fb751", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:81828882-8c1a-541c-86d1-de223ffceec9", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b16bc1ca-59c9-5957-8a9f-36b1dd0719ef", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:80130124-0fc1-5f42-bd06-8a2e83925c35", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c0abef5f-10db-504d-9f4a-fa95e7bc1926", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:75336d27-38ec-535e-b217-e27c4bb8e0ad", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e4153671-d790-5773-89e2-4297ccd07b35", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:96d7ea18-a092-51e4-a914-10ba149076b2", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:99a4e38d-36be-5127-8f0e-60a4b2f5f8f1", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26c8524a-9e15-554a-8c60-941bdd2b0fa3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:02c82ae3-e392-526a-811a-1aba6186edde", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32a02239-6841-53c3-9871-32c03d72561b", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7fedfa69-fe71-5b85-9f38-fcef55fa9ca0", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9e0c602-cbc6-521f-9747-74105faa88da", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:243ac63f-7aa1-5d04-8806-ac882b004b5b", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0673dc09-169f-5593-b728-fafc2a1ecd35", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:75174211-05b8-57e6-94d8-f1c77fce0ec0", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cece00e6-ca93-5d42-89a5-4cd4b3ef1a49", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:46e5c370-0cce-5c93-8e47-638ef7c6750b", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:49f14a0d-f596-5077-8af3-3ed937c72295", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5ae4fa2d-10f1-5389-80cc-08131ff49ac9", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e5430eed-c31d-5086-a1c9-6fe5b13feb92", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6b740adc-9431-5f33-87ef-a76329691213", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0ae8a47c-2dee-5cb6-a9d0-e4521e5cad39", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ccfcfa82-fd7f-5dba-858c-0b0b445f0053", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:76a38756-17cd-5b3b-a7a7-ccff1e9672ed", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:24f1fc52-04a4-5875-a75d-ff7e07ebfc3d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:13102dd5-d3e8-53c2-b51c-5a629532b473", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ec615fa3-9ba8-59b3-83a7-6be18c1c8aaf", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07c6c728-986b-5dea-9fe8-25d8213e4386", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eac2a125-d1ce-538a-88e7-4c1fc221f308", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dbcc3282-5657-5697-942c-d7dbf8e1e046", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.11-tuxcare.4" } ] }