{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:823ad523-1e74-5e8a-aea3-6037c1180faa", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf.services", "name": "cxf-services", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:40eace8f-9167-51a6-83b8-b23e379bfb66", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f4d82484-b3e1-54fb-8175-cc6081de2f59", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eaaf247a-5de3-5cf0-b987-a71907d5972c", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb05fbf3-e2e5-5dce-a251-0e8966563152", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e06ade82-d37f-55a8-af95-890a73cdc3e7", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4cb80cee-c919-568c-af9d-db1d21227b3a", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c014503d-d11c-5071-8f12-add819b3482c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ae83f5b-9b0b-5c49-8d51-e32003fc820d", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1782ecb6-6914-5767-b60e-f5b71ad33f22", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37ca281a-64d8-527d-9124-abac9330a7c1", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7da92c56-f2b8-56a7-907f-de2803ee3689", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b1a6e16-c38a-527a-9c7c-5b1f32bae837", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:acb58ee0-ff4e-5ec0-8189-daab290f2274", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d1b885c-e530-50a0-ba81-d0c8cb63a749", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e22aa0cf-4add-5ace-aa8a-76f7a9267e66", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:979bf2f9-23fd-52a6-811d-5d5981b2ef83", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17830d36-18d0-5fe5-954d-8a9f46e3cada", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec737732-08aa-564d-948a-c83a50e80b55", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d8826abe-4431-5ee1-bd17-058c1b8ca7e2", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e2f802a8-b184-59cd-bb1e-1357c365366f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3f23d4a-0ad6-5709-83d6-7780c01bdc8e", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:89113481-46cd-5e9f-85d0-e99b7c2ff8e4", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7878b1e-cd86-5ffa-b2be-e281b3b60f4e", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1e915ee-8b1b-5217-bf5f-a67dcabde4a5", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9da8863-b0a2-537d-a3d0-799432a4ed25", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06ebf534-c150-59ee-a6a8-f9c3f731f19e", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services:cxf-services 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10b16dd1-13d8-53b6-bed9-264b60f844ce", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17e4febe-5d11-5a60-bd70-114d02ed3126", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.services:cxf-services 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de54d4b1-2cb5-5f17-a1b1-72d6d745f157", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba3931e4-d295-5957-9605-5b751238f731", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services:cxf-services 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:838d34f8-9ca5-5697-9580-4bd3ff1c4013", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d328de04-fa09-5e3f-91cc-21bd606a0cde", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.2" } ] }