{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:78d0d98c-68bf-5d5c-b1ea-4ee949d10282", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.4.5-tuxcare.1", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-service", "version": "3.4.5-tuxcare.1", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.4.5-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c96b02a8-a821-5375-8527-5f9127057cd8", "id": "CVE-2022-46363", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-46363 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99fdf1a1-59df-556d-8b30-8b71117a7c5f", "id": "CVE-2022-46364", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-46364 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7dc9b3cb-4f53-52ab-a6a1-ba9888ea0c0a", "id": "CVE-2024-28752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-28752 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ede8b098-dabc-5186-9aab-48426e869c0a", "id": "CVE-2024-29736", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29736 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb6c7f9c-ea59-5df2-8723-68ccc8383dcf", "id": "CVE-2024-32007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-32007 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8cf28824-36f4-5d34-acaa-cc54170fdfa4", "id": "CVE-2025-23184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-23184 affects version 3.4.5-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:684ab41b-7ab2-584c-80bb-562e35d0d448", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.4.5-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b66efa52-006e-59d7-b07b-f3d16f079dce", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.4.5-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.4.5-tuxcare.1" } ] }