{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d79ce09d-4c65-506d-9d98-8a85facecc39", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-common", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bc3d6226-61b4-5850-9251-442b36f25ab9", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:423e56ba-4c6a-507c-bf0c-b347ed26a807", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:040b7bc8-61eb-5e33-a09c-caf0064b1660", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8b291bf-0792-55d7-8773-a6582b6b2400", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fffaae0e-70ef-521a-ba6c-ba82db8a5010", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74c3fc7d-a905-5301-b419-680ba0669a3c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd184c15-f2a4-5a87-a45f-ff029a5bf990", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:adbd4201-cea9-5cf8-82e5-26dced67ab6b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf34ce84-37cd-522c-81d8-340689019ff6", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7e70c46-bfbd-594a-b802-6a138b6a1ca6", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e005a233-6f05-5496-90ab-642a48fcf604", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7bab5677-79ea-537c-92b9-61f0176a45da", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84815368-d2c4-5781-8232-612c63a8cce0", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e574433-63c4-5a39-ab15-d3a6b94adca5", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37de8cab-32fa-5b83-a0dc-955f14f69cc0", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cba86e10-e3fc-5432-a2f0-8dcfb45a9728", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:227bb84d-a652-5d7a-9776-5e7c7dced440", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-common 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f26874b3-0770-5c07-a119-6510eb63b72d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c06a621e-97e2-5d55-8b98-814eac266af4", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8fcfa59-af6e-54f6-bdfd-707f30d06127", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a07866be-f292-5fc5-92fa-f75a9247a178", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:50efcded-03b0-5741-9e79-126a24f6d623", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b758163a-18ad-5310-8203-171940754300", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e3e7475-a3da-5eed-9e76-e14ff3354977", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f19083ab-6d5d-5583-91dc-0098e6017783", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4262ea8c-c49f-5b14-a701-c84073afbe10", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-common 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f01bca36-a607-5022-8fc3-6e4721eb63b0", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32f05243-de1f-5f95-b65e-af55e984c20d", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e97989f-9ea8-5264-be2f-2490d52928aa", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5928d0dc-4638-50ed-9953-32f70488c5f3", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-common 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9afb435a-230a-5fe2-b247-c3a5991a74d7", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e9da4b0-6318-510d-a64d-5b50e3afbadb", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d9af49f-69ad-59a6-95f1-0774a623bfba", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28eb6e37-6609-51d5-babd-96ed4d5be8a1", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.2" } ] }