{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:970f723f-e7d1-57ef-a34b-8e7c5cc961c9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-war", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4e516e4f-ea8b-5090-8431-f245c4702adc", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba331a8c-9a8c-5a56-9011-e1f46b75838a", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9ec69c78-8b60-51f8-9cb5-13cd92f35ed5", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac9a080f-ee80-56ea-aa11-3162f8d1a154", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2217b122-6214-52d9-bb54-ad4bf1aa6945", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4292fc35-529b-53de-b554-f6a44bac666c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:252dbf0e-3289-52c1-9a76-eb92a02cf041", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:92427bc2-032c-5c6f-8e28-6f3e7315452b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f606c0ff-9d0d-5bf3-9aeb-9867a6d8412b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c8d6f8d8-5425-5c34-ab5d-3073bca188c8", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0ef225f3-6e55-542d-b76f-a55784f8c9c4", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a7bf7eef-0a26-5029-8c35-ce10ad49860a", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3a8e6c23-f94b-56a8-9cdc-dff139d8e912", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:38f06fa9-e972-514b-9713-8ba6d1687d51", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0bb1d379-bf14-5fe0-8f00-795252b94413", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:35766bda-490d-5d66-96ad-1e03b45227f8", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b35a438-3033-5524-b5f3-212ce7730b2b", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-war 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7daa52ca-38ce-5613-81aa-463680b04d43", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:948f1ddb-b9b8-5ce7-b47a-e1b67b10427a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7d14eae7-08b6-5acb-9542-a6a13176abdf", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1d9e437c-b567-5626-823e-91ce9c2f98f8", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0ea6e9d-0259-5fb0-a85e-814bcccc5644", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b1516473-9961-54d1-8938-a7eba9811044", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f389051-096c-5bff-bd12-78514d185dd2", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:894c6254-f17f-5f2a-87ec-d903002f65f0", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:984cf4f9-eebf-5e83-b70e-45aa6f0c83d2", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-war 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cd99068f-fd00-538d-9882-74d28605af48", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:496aa0bd-13d8-58fe-8a00-db87b66424f1", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6f990a8f-58eb-581f-b05f-5d7939025171", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6229e481-1678-57cf-926e-baf59e9bb977", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-war 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4f26be48-f0c5-5041-a430-9a8a05f96cbc", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0195602-cd04-554d-a0cd-42fde7d2f7f6", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3c1794dc-fba3-55e9-aa75-bda51e89d80b", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9d0f4c83-3bac-5347-9577-7392c8e91a95", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-war." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-war@3.5.9-tuxcare.3" } ] }