{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:eee3cf4b-e3eb-5a3c-9c3d-96c5e43c8fa5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-war", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:56f9ddeb-f07f-5d7a-9987-7cd936779a30", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c973722b-02e0-5107-abcb-6212364a952f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a8f9df8-42ba-51dd-8463-45d82b587029", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d45a9b90-fc96-556f-b3fb-ba8b7bb5bfcb", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc2d2714-0426-5974-974b-aad264f164c0", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd6cbf70-4415-5e1a-a974-3d1d6265b5e6", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:600fb5b9-1c50-5eba-ae2d-83aba026c368", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25082c83-f3a8-5965-9f3e-cc1056809cd9", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62a0efd2-65a8-5f02-852f-311566007dcf", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c2e1132-bae0-5a8e-88ee-6f83c7a6af3c", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d5ad7d5-f18d-588b-a8dc-2d648cc89eb6", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5281ed17-08cc-5b8b-a3d4-90deec7af12c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb96f51b-0da7-5b15-a45d-213e54bc9ee0", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1dd3f997-0b70-54dd-8a2f-96572d01258d", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76001d5f-ce71-575a-a997-00692ee34179", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3a0fee4e-13e8-54ea-b81d-96629dca724d", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4fadb981-882e-5bd8-b13b-37c814b93f00", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-war 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0837d7d1-53d0-5a08-aac1-889c55fad4af", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:727039b5-638c-5c9f-b575-6637cb7a8420", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77f4c8a7-572e-5472-a7a6-40c83a0c3064", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46f4c7f6-ebc6-5998-88f4-f140c9d310c3", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0bd06829-4ea8-5c75-b521-4cd666949831", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9359e731-9d30-5f7b-9f92-04c279fa4481", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91511cb3-ec60-5ee8-89b4-b66b49ff207b", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e145ce82-704a-544a-991d-88b0c579a01c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b4dc626-60e5-5cb3-bf4f-c218324ef47f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-war 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7869974-d996-5328-b8fe-4070f8ea4372", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90b026aa-1d3b-50af-925f-8749c564b99d", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75ae36bd-ff37-5f6c-bee2-b863aefef290", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2da80156-81e3-5a46-b49d-c6e60b65b36c", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-war 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:758d5ffc-a11e-503d-aa89-ecd3481df748", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40e47059-e8d0-5499-8baf-399267262b15", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8aa4460-70a9-5930-a096-a8c6640fba57", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1db7780b-4f9c-5d29-b873-cb793be9af62", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.2" } ] }