{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0c288611-5c02-571f-8a4f-2d279f283a4f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf.services", "name": "cxf-services", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:567740bc-84f1-5956-83f2-4e3d721c1b7a", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d57d51b0-fde9-5a67-88ba-7818051121c5", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ada076b3-8a6c-5cc0-93bb-c50c20cfe7fe", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8c69ced0-eaf9-563b-8df7-2909ae2dcb57", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8ca5af65-d07c-50b0-a3e8-a17cd65b2c02", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:15fb9d6b-dbbf-5b99-b26c-b05db72434bd", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a9362c55-6a1c-5a5b-afdc-3caa61d7df9c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5d4d6ef7-4be3-5f3f-ab0c-d7aead358857", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:98e4723f-0bcd-579d-9474-4216482a7321", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e8c45deb-5e2d-5dc4-9fa5-bf71330d9587", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a06ba755-e7fe-582e-a153-9ddb2d131820", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ab2e0a1e-2a5f-5647-b84c-651a43f86a95", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:11c12dcd-a404-5293-9a4d-0b139e29bcf6", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:82060f4c-b661-52e4-8794-8cd221ba2013", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:22891bac-3519-5c44-b73e-4f2ee252e467", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4ed66766-25aa-5c8d-86b7-a2abf7a6d593", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5317ea64-e854-5cba-909d-fe258c137903", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b1785a95-fa87-59ca-8bf4-938b3866ca5d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0aaa0ce3-e167-5d3e-806e-aadbfd9dcf0c", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8231cc5a-740f-5cc8-b96b-6ef3ae382cd5", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5ce41c4b-837f-583f-8c72-df2434ec2572", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:421a79bb-491f-5ded-b8a5-843949f64e11", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1ae1c9d0-580d-5b60-8885-62fd3dcfb805", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2308a710-a67e-5ac5-b8e6-3d297f460c15", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9d624d13-a88c-506e-8508-3258e140269b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6200920e-1ef3-5c03-a68a-2ddff2df67db", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services:cxf-services 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9d6c2828-9795-5e2d-bc2f-4708df78578b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6e426e35-67e3-5e3f-ade7-212d6c0bfd83", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.services:cxf-services 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5d5dba8d-690b-5f80-bf7b-cf93b470d7f8", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:381cbefb-8441-59fb-97be-24e10a7319e6", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services:cxf-services 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:725c1a24-5564-5feb-b394-0587f17635d0", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f03cc4df-994f-551e-9ff2-538138e5a3b0", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf.services:cxf-services." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services/cxf-services@3.5.11-tuxcare.5" } ] }