{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8a67734a-6bf2-52ce-a0cf-6ccc202670a4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fecad299-191b-5b37-84a2-b6ab6a9f7685", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6688a6d2-55bc-5f73-9736-710e3a21f94f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f4e12a27-0530-54d4-a389-acd8521639c0", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:060f6c31-36a8-5dcd-96f2-e09a5eed16e2", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9ef7352-326b-5ea3-af1c-f07027f66b54", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:99a43087-b382-58d6-b3df-5fa32b5767e6", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:02315045-47be-5910-af3e-522766fc8dba", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4c1296be-94f0-5a5b-bc07-78ac0be20295", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6375345f-a805-5208-8733-d9e5e1cbe471", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4ace8d4-aca0-5580-a4a6-50127852cd1f", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b2e00e8-7f7c-57e7-9344-4e5b62cdfa0f", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a5530ec-9260-5965-b1b6-5ef1b9163b15", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8da5709-dc4e-5228-9954-654d8276b222", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1861e99-7e8d-5aa7-bca6-7cbad6e319ff", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:34dd4489-e02b-5757-97d1-d5bb8115fc3c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:138dcf8a-d500-5293-a116-3299bddf3b58", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:11bd4fc3-a745-550e-875a-1570d36fe0e0", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2aa8607d-4169-51c3-b40d-1fd377689f51", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9cdb0d6-9363-59aa-af43-f68af261a0a6", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5e6ddbc-379b-5844-baca-c66f969629c7", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca24b50b-5be2-5dd7-b6aa-5399ea28c7e9", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b3ea41a-bb73-5750-9f66-ade278d5f9a4", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26a3e258-0097-58a6-a751-eded22d26761", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8211f2f7-4340-5bd3-83d9-e989d73230b9", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74c8c4d0-4c0d-5d8a-a339-4de79a216a02", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f11e063-a1a8-509c-976d-ab623887f6c1", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a7d72be-8799-51c9-ac4c-498636636af4", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bf6edfda-0386-5449-a263-1451f62a3fbe", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:972dd552-d4c0-50c2-9587-24d62e67180c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9bfc4714-e475-5a0b-b763-eca50b42fa3f", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6796971c-3a65-5003-8ac1-ad1770e19201", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f2aeb605-74a0-5c8c-a3f0-4b8ba024bd89", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.2" } ] }