{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8559892b-5a6d-562f-a8f7-6aebe2ab002d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.osgi.itests", "name": "org.apache.cxf.osgi.itests-felix", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:86b5ae4a-122d-5815-a365-31def2e2e529", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d35e194-19ba-5982-873a-7014ac688b1d", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7cebd567-4837-50a7-8201-df7f4e50ad77", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:841b5608-0dc8-54e5-9fc7-c876fdbea894", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a5c690b-37d4-5ec7-b25a-ed8d9d26d5bb", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbab6c4b-f147-5c76-a993-909e916aecdc", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d5dec9fb-b6a6-590a-be44-5fab7a0109f1", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0287c2d1-943a-57a3-9d17-71e5c9f704bb", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78621712-d350-515b-a4af-5bb1eec6ec2f", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80816da1-c474-59ac-abfb-0a523bb8d425", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb4493cb-d833-541c-b428-122f524aa423", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4bc55fec-b1fa-59c8-9817-78cc94cc23ec", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f77cb883-6088-582c-a412-a05703e61ac5", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ac8d89c-6c1b-5520-b9e8-dc2f03476f44", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20c765ba-b65b-52c0-848f-cfc6843f2e5e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:595deb08-21ab-5902-88de-8119c5d74f52", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd82021e-f5aa-5cf8-9c61-580376b71d49", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e20d7d0-ce8e-55a9-b919-422037b1b287", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fbc52ab2-6d97-5459-b4c3-324064924557", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e150e2e-305d-5bd4-96f6-d0498f2a2821", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:617c11b0-9100-53e5-a1f5-bc9ba8b05614", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2d4b56b5-7fd3-5957-8460-daade3a2b77a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f46e642a-58c2-5278-9bfc-4e75909f31ed", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:589ac77b-5467-5ce2-8299-29836d0a8a17", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07a0a348-39b4-5ea4-9876-b1d0efb8ae19", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1cbdb1eb-5fbf-5a1d-92ec-3515f69f5aa3", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:81dfcdb5-dd5c-5e5b-a4a6-885fcf7f22f4", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d8f2df8-befc-5eef-beae-f5eefee5884a", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64420491-2433-5e23-b238-b0d128482d44", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:390c98a4-64f8-58ce-a941-27a20034b4be", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc6e9868-7356-5139-bd5c-bea9a58df35e", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79b5b2ce-a310-55a7-a847-c12c1e2830bd", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b7cf428-a428-59a5-ae70-5bdf82185f97", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a089dc53-81ce-5039-9f9d-db9e6a0eae14", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests-felix." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.osgi.itests/org.apache.cxf.osgi.itests-felix@3.5.9-tuxcare.2" } ] }