{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:11e3fed2-f896-567e-bbdc-927834abc3ad", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:30683df9-7b5c-52ca-a290-425d0f54423c", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:533c51ab-1a1e-5199-a961-893860f5b5f9", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:571070b6-3bb5-5dbf-8485-64cc3fad058f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a0713ad-1b7d-5716-a012-4905a32c54cb", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:23d4ccff-7b60-5af1-a922-0a65bb060808", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1ecd9a10-3e14-52f5-84ca-2f206aa2eafc", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:81835f24-b3aa-5a0d-82d0-5d9ffb318453", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:87f19e72-a550-5699-8b64-54283476abb4", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dc0975ba-8b3c-55b7-a887-a96f550869f8", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25878626-44fe-523a-8be7-2ec3d684818a", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6439aed6-03fa-5016-89b2-3a7e33943665", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f5ecd5fd-e708-5795-b9d9-30c0b17e17cc", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:556f0870-ec3b-5273-96f7-5800533cefcc", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:97f2a9c7-6643-50ba-b08b-29dae0eedd7c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e5390d3d-3e12-5288-bf18-923ca0f47af3", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e6ce6567-34f1-52b5-b9e4-c6c25f9f9302", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:92fbf88d-f345-5ee8-a684-211e1a2100d3", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:701d2d1b-1afa-569f-b57f-232c7244cf48", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d812051a-b026-5c03-a8ef-3f0741001afc", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a55a691b-749f-58f0-bc4d-bf6fbac37644", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:796e8872-3034-5a0e-aeb5-07158089de9c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e9c04816-253d-551e-93a1-5821b96dc3ec", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6d28eeed-dc64-54c9-950b-16ecabe16ed8", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:153ab376-4500-5c9f-be70-a6618eca1136", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b4303bb-c6da-5c14-9316-75f995b045e6", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff446972-02da-51a3-9ee7-67ce63df9c2d", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9edbb5ab-4109-560a-a087-728a14a2c20a", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5800e399-a1a6-5a24-8186-547601553f16", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b162f307-9f2c-5413-8714-3c4f19bd25f7", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:98efc43e-60c7-5145-902d-64ba6037875d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:039e6130-803d-598e-88e9-1d2d60b2e95c", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8918c6e5-70c3-5078-aeee-23c8bf4e30a5", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf.services.xkms:cxf-services-xkms." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms@3.5.11-tuxcare.3" } ] }