{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5dbee4d1-8915-5b99-a86a-67a960ced288", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-x509-handlers", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a1d6877a-cfd4-5f6d-bfde-1e62677a1537", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd07b19a-b073-5cae-878a-fdb4945703ca", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:afc79e46-8e84-52d6-b664-767bb2df35cc", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a1e7ad4f-39ef-5096-8d4f-209eb89c135d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:95da6f2d-6fd7-5c4b-8af4-6c74b6f137b3", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f7cf8c75-9654-5bb7-ac6f-fb9ad50abb7c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c56b67a9-0549-5549-a75a-cd37f5d41c0b", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8eb77fe-745f-576a-8a96-6128d6428bdf", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c9a5139-7132-5f6c-86bc-72238f3e9b49", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32b42015-2479-5b49-8cc9-bf1fecc2b593", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ac93fc7-6752-5430-835e-61ffccc0445a", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30d9c142-cb72-507f-baca-a6d605578dc7", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f3efeee2-a03c-55cb-8b33-4a24eae7faef", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80017588-e3b0-5bd2-a0bf-d69615e95d15", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c13c6011-f959-5161-bbb5-57fd8b84ecaa", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77c59e33-e1b6-5487-979d-d97d63f6ed5e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:478b3e68-6a27-5bcb-bf05-ac82d4c8abc3", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:61a46385-7c8b-58c5-836e-d3f2cf7d9085", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3230124a-a7ad-551d-acd1-66deacad8ef3", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e1963a51-1b1b-5fa8-805b-5019e0bf6b8e", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37794c6a-1bbf-5fc4-9009-7e67ee784237", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:89da9a8d-7629-59c7-ad8d-10c4db58c586", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37755aa9-d304-5aee-92c8-0f522536b4c7", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ab489041-6d9a-5c98-884d-49b55527dfe9", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:de1b1edf-0c92-5876-adb4-5423346b126c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e36ec471-889c-54ae-bf87-730757eed91d", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1527224a-3721-5c70-89de-c8193ce98f59", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f1e57309-f929-5560-a25d-bac5aa925619", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f53fa315-c15e-541f-babf-65fd0ca472d8", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:393bf5c6-3362-5c0e-8e51-f4b729a72393", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72640954-626f-51f6-90b2-86181427ca0e", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4f5a8cc-133e-5bbd-a2e0-d7e9ed74edb5", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dc5eab20-6f2d-50df-b4f2-a3043337661b", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32d22022-a178-5d43-823c-42c03ecc1a54", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-handlers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-handlers@3.5.9-tuxcare.3" } ] }