{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6dcd0dc8-d3fe-59c2-9642-3a059619e668", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-service", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:46f18d41-03cb-5819-bac1-4e1ffb3eed82", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73e33da1-84c2-5ea5-9e06-7d6217a51232", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:701d7b1b-9542-55ef-93f0-e14d458a2b99", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27d3dd48-5df8-5643-b7d6-23db3ccf874a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:30bb5f94-3884-5320-a999-316ab7a04d5c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b00906a0-807d-500b-ad08-9230607e1f08", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:706ef25e-4ba7-5b40-8225-b8a9dc8a0a2c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6342502f-cd3e-5e81-9f21-37cd788fc0a4", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40217486-c03d-560d-906c-4c87e52224e3", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:54e7770b-650e-598a-9ff0-84a74fb5cae7", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:68c3a8dc-4a9e-5999-8fd5-859597013f7b", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3cb6658e-4157-57b6-a72f-969637447d97", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b44269a-59c2-5af2-9dda-3173414798c3", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f0a6ae6-2d9c-52be-abde-d6346e4934f1", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e5e6b7c-71c9-5d6e-919a-44572fc7ad95", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5977c1ba-6214-5453-822d-6767ee3184c8", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a8b164a-17a2-5a26-b463-9fc0e70844f7", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ed9cbc0-c8a0-5155-90b6-b3dc11a09e3f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:700c178a-d42b-537c-b656-f4d44eb970c8", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e8842a58-b4f6-50cb-8267-8fd0cde074a9", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af8b83fd-ece7-58ea-924a-9929eb5671c6", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59c6819e-6d0f-5c0d-b7f9-d0ca22e0e7fe", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05b45c21-6dc5-524e-9ed7-bb581195a9e6", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cca4826c-a1a7-5cd8-a7e4-b4449105a857", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a2304474-c883-5fe4-beb9-6ce1adbb22a1", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90f956cb-44c3-5893-b1d3-008b48c86c38", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-service 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc6ed0e3-5726-5794-bd51-f06cea1d235e", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69476896-fdd0-5957-9708-b63764858b80", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-service 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a28edec-6aff-5db2-b4e8-c5a7fc86f104", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce608adc-b964-535c-9c7f-67e42220b869", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-service 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd1b25ae-2cf7-5c58-a53d-867edf8e7776", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c37e0d5b-ce84-5d5e-81cc-29f97a417218", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.11-tuxcare.2" } ] }