{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ccbe0c15-a314-5385-9e01-d43f4f5586b0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-features", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:85f928c8-4aac-58f6-9f22-4444112b7d6b", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a16ab36-e8e2-5234-af61-0b6cd49374b1", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:713353d1-b457-5f1c-9ce1-412a08839405", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4f7ca96-5177-597f-99a1-5294e8549ddc", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:618522c9-69fd-56ff-8ab6-08673d3c08a8", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1287555d-31f7-50a1-88f8-00ae123b2a5f", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:144b3ad3-bb29-51bc-8ca0-88963ef2e5cb", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a7e0bb0-7fea-52be-9816-45f077c1e8dd", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:156419cd-9bb4-52db-807e-097811ef8640", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d26902f1-12e2-5c66-b36e-d0390f4a5f6a", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:491c82e9-ff81-586b-b63e-58c02a93d3d3", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:459d8dcf-34cd-53f4-b40a-edbad2ecbbb3", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca553b8c-ba4c-5a59-9649-82a390e1dc6e", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f4cf24fe-f471-5b22-bd5b-bdda9e48a35a", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:589aac40-c867-559a-ab5f-af96c5997005", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d9ee6cb-8e19-5e90-a9e7-82b3ebe43ed1", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b27d9200-6cdd-5643-829d-ae178381b564", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:345e8577-4dc4-5bd5-bad2-ee32835778e0", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:afbc7176-1912-59a2-a31b-f081ccdabae2", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc9b6bcc-8b2b-5521-9fc1-167f85e79e6a", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d518da95-8547-52d6-9e77-3dd5664df4f4", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:537eb3a1-db30-5f6a-ba60-ba2560233e56", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f22f9822-fbd0-5e08-ac4a-23a38d72d2da", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2acc1af8-3d65-5e62-b214-e996879ecadc", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5171736-c284-547d-b091-39177553c5be", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc8fd07e-7165-51da-bb0e-5301859272d9", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-features 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f58d6fa-7391-5358-9ff5-d0621d00ae51", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:68e38037-4ff0-50d2-922d-316c25b8a8ea", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-features 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc69d49e-68d9-5731-ad16-96d1ce68930f", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0172ae1-be9e-5ab6-9d92-6da2c49a0a20", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-features 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c24dd789-7db0-5c3d-ae94-7e8b2b86f841", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42115e49-3a81-5217-9411-e2a7ce7eff0f", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.11-tuxcare.2" } ] }