{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a42d2960-04d4-53eb-a959-eb0dad2e8c28", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-common", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1d5da4be-6ec8-5b9a-a456-1d5370e4476d", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c0f728fd-68ee-5798-bb05-dd0a02fb6003", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b7baf427-f71f-5021-a600-8850cbe449fb", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:94aa21f0-d75b-5719-bbd1-d580b38e26c8", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ee4150e2-bead-5e69-9444-a8e76d4c80d2", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:40764167-4446-5dae-b4eb-0f2ebe0b5b06", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:116138d9-2cb3-5364-be58-c2b27ea296c0", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:023b685d-9a93-5a46-89a9-a3b303a81b33", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:01f93134-0dae-5e01-856c-4b3e2ea091a5", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5ef6eca6-d6bf-59e7-b0d5-17dd21f70794", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:33be22d4-1f61-5329-a7a0-85fb7d210046", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9ef3df51-1db6-5eb4-ac3b-011f89ba9253", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:80cdc514-daaa-501d-806c-8a242aac6667", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bb10c11c-7527-5db0-9b80-fc9715f5f782", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7430f043-8613-5ddc-9c42-d2cfa3ac946e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:efc84bf9-455f-5667-a041-3550a96f274e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:438641a7-9f2a-56f3-a274-1ee50026de57", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ecd60504-329e-5086-9e29-586e87e37d12", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3e4d8c7d-5db9-5b64-8fce-7842e8e0592f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5e34a216-3850-5409-ad28-0e4cc379d2b3", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e39b1796-1006-5f6f-8d83-673f51b83d46", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1d860ba7-3765-58d0-8036-d9d25a8f92b0", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8a5ae05f-aff6-5b8c-a6c8-afc542761f33", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06ac714f-4e71-5ff1-a6f7-98e5c54ca266", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b52a1c21-9c29-5554-8b14-68d0d80d8d7e", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b131594-ede4-595a-818a-2893ca085d04", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-common 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a523de53-1665-5419-ae9a-f31235a59ea7", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a67e071e-d3c7-5c23-8a83-3de16b9ff84f", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-common 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c5a425ed-f9c1-5db3-bacd-5d2ff1884b51", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:71af5604-3740-505f-b694-9301ec5b00be", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-common 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cdfa4bd7-30b6-5829-9a14-2f338741aec5", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a56dfd4-e54c-58b0-9624-2e7573af172a", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.11-tuxcare.4" } ] }