{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4f428721-9567-573a-a8bc-e1653c276460", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-war", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f647c15c-8294-50ad-a0dd-068322a06570", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e581a2f4-44ae-5010-8a13-f79503ebdb51", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9af1a82d-cf87-50f5-901a-d3eb8aa7c436", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9815c4e7-abe2-5e5c-b18c-98210e057d64", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c54443f6-237c-5b1c-8f0c-2b47591afc47", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22408b64-b2d3-53e8-931d-7817fad218a3", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76529ff4-582b-5053-b3b0-ed48619000a7", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0bb19bd3-2236-57af-ae8f-1efd92d79982", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a96df45-bc97-5ad6-b786-ba8e19546744", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11dba937-d96c-5698-a2d3-82e828cbe0b6", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8afc909c-7946-5386-9957-24790acfe59c", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:951d1044-07d8-5054-bdf8-13f87d56c381", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:727b9cb7-ccc1-5e95-9fac-ab8ad402470c", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:afa422b8-a6e5-523f-a17a-de9aaf72a743", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c9eeb97-2e57-5e47-9915-8df4462cad2f", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39fa9ce9-6716-5407-b004-2e262ce35387", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9abe3d03-b611-552a-b6e3-13cae3b7aa2c", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f48b6653-9bfe-5dd8-9767-576a12bec5d2", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05491431-3ead-532c-9224-96b03855dcc8", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:562d1ae6-fb81-5ead-b6da-fdd5c3d511ca", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:496ec07e-5edf-5d2b-abd2-7ba6d2fbdcfc", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ccb9a863-1b49-5c8d-9b70-e4dac7c8e729", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d734e9a1-fcc3-503b-8119-87b2e9417119", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7906e912-411f-50c3-b54a-5cd50e7c3a10", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc5c6f46-9176-5fb0-884a-d4551ad7b331", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6f9673f-b88e-51d6-841d-858d053b1f76", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-war 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dc74e772-b984-580c-9bc8-a956a286adc5", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0defb7d-5076-5298-98e8-1225914c051b", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-war 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4acdb3b3-1f96-5a1b-b5c8-0bbb813c1500", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a59516ac-c26c-5407-9bc1-556777c4df42", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-war 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f99cf3b5-7f23-53b8-9ffd-8b3ddf6cfff7", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:351a487d-55a9-538e-bca9-7d39e3d8fa51", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.1" } ] }