{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ba2bbb0c-8c70-58b2-9586-8ce2c51c71df", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-client", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4664f350-3aab-505e-9d8d-25c852371ae5", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d318ebf1-b4f4-5208-9149-2a69308b6698", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb7f73f0-ffa6-57d8-af61-dd8a92be8197", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:385e209d-0545-5807-a0d9-4c2ffaaf15e8", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c494dc7-332b-54f7-8be2-a169bbc2e083", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:81844f18-288b-5f96-9734-6fe28ea2aaab", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:61986b0a-ee0e-5ec7-a6f6-28d1d409bcfa", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc67521a-d318-542a-bd52-96d306e914f2", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65b59fb8-7dcf-514f-a0de-d2b8bf6c32d3", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:87a440ec-a1f3-595b-9229-2f27b7c1144b", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51db0090-c97a-55e3-b081-6134706771d3", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d4741fb5-e2a2-5312-9005-8adc17e2fc2d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e1d8e1aa-aba8-582b-bfd7-28276795d6a0", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bff618b9-e2ee-546b-bf39-9c0ad18da983", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69944738-27b1-5800-b513-dc27f6e31812", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a09aab65-4648-56d2-8360-4adbbf3b513e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ffca1644-9bdb-5043-af55-266be59f251e", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-client 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e682adb7-123d-57f1-b5a1-b601705de557", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b38d49b4-409c-552d-afbc-ac81d5bed2bd", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec992db4-ada6-5957-ba5c-05f8963c16c7", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d37b2d0f-8fd6-5ada-8b80-f74cee8aaf90", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8305eef-d0ec-590d-b5ce-c2230a9b4f77", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7261d422-e4ee-5fc1-b86b-9b79cb678a19", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ddb6115f-c357-5831-8b86-b376029b936d", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4c90000-0673-52ed-854d-f468a4fb8f3c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b9024a9-23ee-5c94-9eaa-740fbc446157", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-client 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:061aaa64-e14b-559c-86e6-f82542941bd5", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:faa23b35-916b-5d70-a23a-face78517d61", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5aec94c3-e78c-5fad-866b-a3f5775d6905", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2bd397b5-a93b-5e8b-8a4f-0949c3eeb845", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-client 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4b2984c-bb90-539e-9662-7ea066993d35", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:654a7cd0-8f1f-52df-a0d3-8a9f3ab83c43", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c693144-8af9-5407-a327-59c63e6df0e6", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ac7eb99-4856-561d-a875-7a9ec5d1ac70", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-client." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-client@3.5.9-tuxcare.2" } ] }