{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:24706cf2-44d3-5628-84f1-c345f97174d4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-war", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:92864ffc-2dc4-5ae4-bad1-b68bfcfe54c3", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a33455e-377c-5456-9fd7-456b6ff11eb6", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:69710cb1-0efd-595f-a3f4-7870c0848cd0", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a26b52b6-ce10-59c7-bda0-74fff9d52fc3", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32cc69e1-11e8-52d7-91d7-7423b71f5084", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9972b0f8-4efe-5aeb-a0e0-4537ebcc7358", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d5143efc-d4a6-5e0c-a38f-72eea0267627", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e28e88fd-ef89-5e49-a082-6f0f43652bc3", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8d805d6-166e-56e2-8c4d-5815d813f42e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3dfd8871-ee0f-51bc-a1ee-9a2ef549275d", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a2a7cf3-4603-5024-9c4e-d22449cdd356", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a60fdf16-5c3a-5b57-85c5-d60c041ccbef", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ab1f3f1f-3686-5f81-a533-a351d696a15e", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d6a3cb8d-d72c-5124-8e38-8847989dd4e3", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2152aaab-4c31-5e0b-9f9d-c093106604ee", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2908e195-cb58-55a6-a3a8-6438a076977a", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:009e551b-372f-58d6-a607-00da0e0f955b", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e66f46c8-ee4b-541b-950f-12f7791a5179", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f2861c56-9ed8-5a26-a7c0-0bb12d3cbe8c", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1557f98b-c5fa-59f7-85c4-615e8bf5b975", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aec43995-0e7a-5fa1-bf72-60b0595b6c48", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c10a5324-5f8b-526e-ac75-5ede79eaa22b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:23d700ef-22c7-56fb-ae48-c396de4e0c43", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:257e071f-47c9-5f7c-8502-2acd3153e802", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b37e2d2f-21ee-5603-9c70-5ad207bb9491", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dad20ec4-15cd-5e53-809d-87455cc6a81a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-war 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e505aa89-3c23-5afd-94ae-7249afa153bf", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:afd00c91-1c38-5fa1-8820-8ab21ba129ef", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-war 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1408aaa-2353-5944-a473-29a66b66abc4", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30f1bed6-58bb-5258-8c42-6ffef9a8cb5d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-war 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:548c6bd5-4fce-5311-9cc0-2ebfe2453491", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:47b60d34-aea2-5d33-b93c-31f79b4c028a", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.11-tuxcare.3" } ] }