{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:37f6cb85-01e3-543d-80e0-0ee320a5d967", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-microprofile-tck", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f089413b-cd12-5f16-a0dc-44ae93b7d2a4", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:afd53e62-3431-5115-8acd-5cff6d119d91", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46747818-8875-59a3-ba51-c17e5360a740", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:421e0013-7d9e-5822-a024-f817cc5a69c9", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6233373b-0ef7-52ce-97b3-cf005bad8008", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91cc8a68-d75b-5be3-a008-b9604d9eaf6d", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d0b09c9-e836-5636-a303-e3a4f6a9d4fe", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7782f680-bceb-52a2-8c8d-c7987c3f35b0", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4968a889-0090-564e-b0e4-5e4fa19a1d63", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98b56f53-8808-577e-8fd9-b535de1662bd", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:430c0b60-3f61-5b40-9057-25da590ace6c", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96ee2887-7395-5af4-9af0-6db71bf1f116", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74da55f1-b266-5600-9ddb-3667049fb452", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c912649-740c-555f-a2cb-71e59e01b67e", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40472032-610a-5465-a7cb-8562feba7b07", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5498a9be-749f-5029-9cac-5de14afe0892", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:858aca92-fc8d-5948-9d76-916e4f96c5fe", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-microprofile-tck 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c6f9d60-c629-5ecc-b446-e0aec217c459", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e50c46a4-85fc-5164-8549-a8ba53941442", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb9ff57c-b265-51b6-af24-b82b26f4e21e", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f51be8f9-2647-5181-b372-674281e26165", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5fea0cca-80b4-59ab-abd6-56d08ad30100", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5cdded2-079a-5b75-8cf8-a9ddfa43f197", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3088fe2e-57ee-5086-83b9-111008d2a5af", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a58a3e5-e783-5f3b-9201-c20e01cb111d", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:02457204-6fb4-5634-b6be-6fc29ca58f70", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-microprofile-tck 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd41a55a-27b6-519f-8eac-d2e9987fc36c", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4dec8da-ee06-5797-8b91-2c6a0decc3b0", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cc821f80-6c48-5a01-b5a2-a26e04a0a858", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f466cade-81aa-52c8-b62b-ee72bf5f0d82", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-microprofile-tck 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43b3f17d-0dfe-59ce-bee3-7b21934a94bc", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ec7f15e-0720-59dd-985f-6f41540146e0", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9cdf1f9-8808-503c-b92f-4d5a662181d5", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd64361c-4117-5ef4-956f-6d62eb572448", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.2" } ] }