{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ecc20a75-847f-5e3f-b1ad-f6eab8312f39", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-service", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f8a4525f-d15a-56c8-b9c7-1cf1fc47f3a5", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3d693627-b33f-5ff0-83b1-a33d7bb28f04", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5097665a-52eb-57fc-8312-78eb62c6877d", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5427405c-93c6-57df-ac4d-e25698513f5b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b2ba8ffa-bfcf-52c1-8e77-b716d1897215", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:745090d4-e2c1-537e-b49d-3fbcff9da22f", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:970c3a7d-69ea-5ae5-b33b-9bf6e6b0f261", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:de27afa7-fcb6-5820-99a1-797b7e553e7a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:293e4813-a905-5a8d-8693-28c5f992492b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1b93a5ff-8dc7-5524-b38a-b0060139120c", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0ca79fb4-9ae3-55d1-b7af-c75fb70772e8", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bd6de9f5-cf75-54ce-810d-cdefe13d2225", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f4a87298-9031-5daf-bdef-48d0e3cebc82", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3c81c48a-ef94-5ea5-92fd-9fc0693d3595", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d3da80f-d03b-506f-b94a-a7363238c2a3", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dd57bdb6-962f-5402-beec-1a8cbe8290f4", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e5af0c40-4373-5b0c-a2f2-c3f674822faf", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-service 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d4133877-8ad9-52bb-9945-230797b7d29d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5b0b3d6f-8c78-5e4c-8429-c6e580c164e0", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9ddcf57-a3e8-567f-9e2f-9927be077140", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a17a9397-6196-5e4c-b92c-21315dc8e107", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d15566de-9215-54e1-901d-76b6578a0752", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:887b6757-b137-5d2c-a1b0-2fb648e5b657", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0adf0dc6-00a4-5193-a9a9-7d5ceebd4897", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4c3b5a53-f28e-599a-9902-8bb6a9750e75", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:960b48c3-ded6-59ca-80b4-99ddce2ff38d", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-service 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6dae6ef3-1644-547a-8e79-366045ad2648", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0a0c604b-4f53-5f1d-b0bb-10546919fe54", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8388cdb3-603b-53c8-8263-cbf97a4ce9b2", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3d80f137-ae86-5182-9bf2-3568b32ffa4d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-service 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ab2a8bc3-687b-55a0-bd86-b207c55bb7c0", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d7eec8be-e67c-586d-8194-0a3f33d2b2e0", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4d09edd8-34b4-5f0d-b0d5-d55e0645a78d", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a5a941a0-6277-56fd-acbf-674bafd9d522", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.xkms:cxf-services-xkms-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-service@3.5.9-tuxcare.4" } ] }