{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0c5acbb3-59f3-5947-8d0f-49666e3ebfee", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-features", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fb6bc6e4-c834-55fd-a398-75c0177ccf3d", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7774a6a-f31d-5bf3-9068-6cd455343eda", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1ecbd9d-f317-5890-be6c-f218f31e2f8a", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83339842-60d1-5150-9940-70bc355be8bd", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:953a51d7-eefd-5df3-8220-07e04e1a2b83", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:86fa3053-48bd-58c1-87e1-ab307a4e4c9c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6364f2ba-9e6b-51dc-a67e-712301447369", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f18525d-83df-5433-8b6f-05e6307af52b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb333021-9959-530a-a5cf-d8da8bdab5e0", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b445ae0e-cceb-5099-a302-0e17b684a4e3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06135d63-b573-5a86-8d5e-2663dc92a7ad", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c120c95-b0f5-5acc-b312-16d078fc5538", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f167eff9-af49-5ad1-b5d6-a8dfdb14f9a3", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4f00524-e368-55b2-b4de-b8a7c7f5df93", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53541181-6876-5850-9572-2f13137b43dd", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:116a1d78-2673-5299-999a-0778d4cdc585", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbcb8293-4bef-503e-a2f5-52de915d399b", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-features 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a40e85f1-e386-51b5-8d63-e5e6ba871d57", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c1648c22-77bb-5da1-a4b6-d002ea840263", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a1260f6-0689-5759-b499-99bcd6197ebd", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc26f28f-f680-50ee-b609-47e05dc9d11a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d5584aef-b79b-5951-843e-aa211ae3812e", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a3c2863-9edd-5fe8-af9d-8d8aee0b0ba9", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9963146a-1a22-543d-a011-864218ecd168", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eadce083-d4bb-543a-beef-ac993fa652af", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:960072ec-3d73-58f0-847a-6df230c0b2b7", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-features 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ce34b20-e55d-59d9-af25-97ee30c78cc8", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df635b18-f837-5c75-b3b8-0dacb5b552be", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eae3bdf7-0bc6-586f-bdfd-b609ff39bfb6", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe1b1332-4106-5574-b161-e34579febb9b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-features 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:467e1e28-cf45-5cfc-aba9-9ad9365d3496", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b22116c9-9f96-580e-9d00-851cc69e1bf6", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0554ce7a-f6fe-5785-b357-6c3a8a321ada", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93b3b9ac-f302-55db-89b1-ca27467cf763", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-features@3.5.9-tuxcare.2" } ] }