{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ee3319ff-e9ea-5bce-943e-95776d543955", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-osgi", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:383a5e96-b8d5-5c28-ad65-14b0abf4b580", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76de4852-c287-5c09-ba88-584a7831c015", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b9956c3-8a68-5278-af45-7cdeceb5367c", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ffb9bbd-fd48-5a0a-9430-58bd362c2eed", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb4891ac-6467-517a-8ae1-c8dab2a703e7", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33c7f74c-cebb-57e2-91cb-82721f125fa0", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6503f60-c036-5688-bfb3-0a2c6e73920d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b6bb7a5-eb58-54e8-ae40-e128e1a17566", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b9e5b7d-8e7c-535d-97ad-8f722c168227", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1f4226f1-0079-50d8-b822-c82790ac2035", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3a5023a-855b-5842-9532-c92fc5048f91", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1be33e0-0b74-59ed-8ccc-58ea3a6fe2d3", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:48bb264e-c822-57cf-89b0-73c021d13a90", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3187c15c-4373-54e2-b5ad-3f5667de6128", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba9752f4-0806-5e09-a8ef-252d5532c315", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8aec88ad-c64c-5428-9ed0-2a2d81956e6e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7798cad-841f-5413-9ad8-e470f2df212b", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1dd137a0-d050-5f0d-b874-92f300e3cf69", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a617bc3-d473-5b10-9045-0ce7872fbd61", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21b36793-8b28-5c94-a4f7-777a67336926", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e2762d8-f92b-59ff-ab4d-0f9ea259e8dd", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7cac79f-d7e3-54b8-bd73-bb0d425ab171", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0c26906-d510-5b0e-b0bf-026c51851224", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43f73ac6-36ae-5651-8b32-47c6db65aa95", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d0bb2a6-d918-5abd-b576-ca1734a9bcb7", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe5b16d3-f662-5624-b3f6-f42396aa7e02", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-osgi 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08be2514-1ee7-50dd-98f8-50e9a03d13a3", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:348a2550-f046-5b51-84ed-f5137e26bca7", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-osgi 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c0b4165-d268-5b7e-8810-6410fa408fe8", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57b5f14e-9125-5934-a5db-8bf99316e18d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-osgi 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e84e7cb5-dfdb-541a-8bf2-68c2ecee4c8f", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bad3c9a7-e5b5-55ef-a566-d019bc895914", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.11-tuxcare.2" } ] }