{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a0fffb0a-a9c3-50ac-95bd-06c4d62631c4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-common", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3933d78e-2d0d-5d1d-ae75-934e0bc74e1a", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:457ab843-7ce3-5d27-b045-88a8d3c6d53c", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fdea613e-34ae-5a1b-a448-09ea80e56657", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bc3f2628-ad79-57fb-8eea-8f7c7f4e569b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f9eca897-1b0b-528d-9610-0d3b36b42d6b", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:811a5f9f-dc8c-5391-b433-932773f7b741", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4f44b89a-5a95-5109-af3b-d7f2a072a9c1", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a742f960-a925-55fa-a2ab-9e26fb8a1e1b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:337cbdc2-6236-5670-8c03-a6447fd6515d", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7ffdabd1-7691-56c6-9820-692d9eeb4de8", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:59b92ce1-1a60-5206-b78f-d8ac25270667", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c58f9358-e54f-5843-933e-439aa14b6d14", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aaa462e7-fa90-5445-bc30-a01b0f6ccb39", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:03cb4d3a-944c-5a46-abba-aba7162ec3c9", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e51826d8-5184-5196-886f-ca370ec0b76e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:254dca60-e620-5c91-9722-ad8ccf3d6cb6", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:edeb1062-c9e0-55c7-a66c-b4abe15b8297", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-common 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:81cd9287-5ef5-542f-a222-60b757a03cd5", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2f55d8a6-f999-5f11-9829-5164c9da0537", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:109e2101-74b0-56c4-9ff7-9de095d82181", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:74dcd32b-94de-51f8-9a3f-4df9d8caa354", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:81077193-ef2a-5c46-8eec-58409201c90f", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a9a05438-8000-523e-9a94-0e2ee55bada2", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:95d1b0a2-5d73-5233-a443-c76f5eb0aac7", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fe70b5b4-eb7b-520d-9999-65314383ab5a", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:27dfc36a-da69-530e-a887-4918db738fad", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-common 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e32face5-6f18-5fdc-879f-d1e11107b57d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:88a9065e-4096-58e4-bd64-ccb9570c5035", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:efef5f6d-fcab-5764-bad2-cc61b90edaa5", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:245e68b0-09e2-57d7-81db-5da7292c5290", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-common 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:86bf67e5-90af-5b7e-88cb-3f3758de6d20", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2da2c760-bc4f-596d-becd-9809ee6a97b1", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ddf685e5-81a8-5aa7-b001-476ab8b7c23c", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07a82fdd-f597-5592-b365-bf853674ec79", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-common@3.5.9-tuxcare.4" } ] }