{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:779a0b94-53ff-5b7b-a6a2-344e1d0461a8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-x509-repo-ldap", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5c07c711-6519-5c9f-b630-6e8bf94fa9cb", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb4bf41f-6c72-536f-a4a3-554c21857559", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9939fb5c-c08b-527c-b640-577384897412", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9eebcb42-a6fd-510b-8802-063c3e239d92", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ee38180-f47a-5776-a3ff-1c660870130c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d380a20f-8b6f-58fc-abd5-509c4531fa90", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e61cf5b-e917-5afa-9b22-757f8d50db29", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f89bdea-979b-5ae9-8b18-0f98f85bc4a5", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39a1cf0f-fdd2-5ea8-82da-b4fa90a13a3d", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bfc4cf31-77e8-5c23-a228-ade7fbb7206d", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64b31b4f-ce1e-5413-b2fa-316699be5427", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69e37b6f-eab3-5b61-a1c5-f2807796dd33", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33fc4706-8530-57e4-8d49-ed79b27eecd7", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:676aa912-9600-5a98-807b-d2e96d661a8c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:92338807-9ccf-5854-9bc2-bc08ad6ee431", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3cf0b78-cf32-51d8-9cd8-f384b08ff6f4", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77277a9b-dcd2-5c4e-91d9-ee946897f373", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d79e8728-95f1-5dc5-bbf3-c5dd9a1ad9a7", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21066918-4411-5e2a-bd9d-d27a5961a34c", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7455eff5-7e67-5dc6-afd0-0ef0a2815e69", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7aa54172-4b6b-5806-a744-e575e49769c8", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:327d550b-c144-52e8-872e-b9a76637a35d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1e887eb2-174c-5be9-93c7-3c7da66557e8", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8a30c201-7774-5fdf-9afa-92dce69ca283", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b53639c0-930e-58a7-9e09-29a7d7f84b35", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d8be11b-2418-5004-ae0c-61e7803d6b9c", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:01b03323-d603-5990-a146-897bf11368c7", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b5fa7a9-d8d0-5f7d-9516-b5f7cf70be2d", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ac6ecbb-fa66-5e7a-af56-7b455fe51bbd", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a2af9c5d-32f6-5fba-9ac5-6425ccb56cbe", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07bc8b45-66da-57fe-a462-2461c904bcf1", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c1aedf4-33a7-5739-a10d-38c1b8071bfd", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5a98669c-d308-5d31-beba-066b73d86b3b", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:850af818-85a0-5c3c-b1ae-8b94650ec7ba", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-x509-repo-ldap@3.5.9-tuxcare.2" } ] }