{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8bd9dcb5-50c7-5868-a468-62752ce0b550", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-common", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f57f3c8a-250f-5322-847a-97615b11e245", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2739d9bd-5640-5683-8737-56d89b541e56", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a53a866a-e44e-5b85-a3fb-f338f6f9ea09", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8973a71-ba6c-580d-ba0b-2e765aaef8d6", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d26c1e88-98ed-598a-801a-857b73b1c7e4", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cde39d38-610e-57c3-9fdb-0c032b1412f3", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:91a4173a-b732-565e-8962-aae3da3f903c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6927d3a6-1e8d-5106-a638-febf9aef9980", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f653cf39-0aae-5630-a8dd-330bd0e8af31", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37cfd355-ea5c-5d4f-8eb1-57a17fc325f8", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a9fd9f44-7d31-5f86-a88e-4a4663db9914", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0f3d902-2a1e-521c-9635-79d82cfbe3e1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:946a8129-0d29-5b28-bae5-0cec62698af7", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:66a4ee6b-f663-519d-a6ee-340b71179f23", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b1d6a31-4624-53af-a6cd-a1846687d722", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ccbf5fa7-2906-554d-843b-161542d238c3", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7a70ce88-9778-5dcf-af9c-1cdef465ebfd", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-common 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1dcf4b24-90b8-5b96-87b6-fbd40c2d693b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:971a63b0-e3c7-5862-9eb3-9e8620f4a82a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:97c0e309-aec7-55d5-8225-06454ae035f2", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2321450-ec16-52de-b913-1f62f3ed223a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4511bb0d-0b24-592f-8ee8-e11825df97f0", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4afd039a-f41f-50e5-b1fe-e33acb6defec", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:508a4136-29e7-5dd2-9161-6a8145cdc0c6", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b752746c-1f25-5e7d-b0bf-35e30cae53eb", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ca6f9534-907b-50df-be80-0ac621baa7a5", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-common 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b94295f9-414e-5597-9019-a263640d3eb9", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:01e131cd-4dbd-59d2-bc27-d98ed4b9580f", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c4d10952-a1a1-52aa-84e9-e4fda240b9b2", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:780ae53e-74b3-54be-91ad-342e99779b92", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-common 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ffe2b6bf-b318-59ea-8fdc-99541025a38a", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d5294b88-ea1a-50e4-b57b-322e7a21c4b0", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ae3b150-a6fb-5ea1-9f46-2b7ccc42ef59", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0cc791a-356c-5c7e-9b21-ab1b97258b89", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.3" } ] }