{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:282ef0ea-95b4-5a2e-be4f-d717fd70f4d1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-microprofile-tck", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4ccfa19d-fe10-5654-aaa4-3688757f57d0", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c9baa8a6-fe33-5c71-8425-0b32afbdae15", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3408bccc-9f28-5e09-a3f2-1df2ec105771", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c31fa162-16ea-5478-89cd-b2b8d563cf94", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cb17ab19-a78f-57f7-b6b6-1cda394e6a40", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:05649ee8-f798-525a-94f5-34b798df80b1", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1976ad05-a920-55a4-9265-d53459e5e5e5", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5afa2ece-49cb-5931-ae3f-c61a8ed7cc91", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c2bb0c15-1373-52ec-bad0-3b385c15ff2c", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a0b61daa-3dd3-5b7e-8b0d-d05d905b60a3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cd7cb51b-5584-5a54-bce6-77adb32f34bd", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9d8ed578-8c31-50bb-bc21-e06d9e50638d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:09bafaad-18d2-517e-9200-6261ab176a72", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef101b6f-b431-5591-8d7f-b3bad2c05463", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7fb62f99-b154-570f-86d2-1eca0de437bd", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:74c86163-4934-5eca-8542-93e83c4a7cd2", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9a3d0091-5b43-5aea-8901-7fd8679d19ab", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-microprofile-tck 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9adb28be-c960-536e-bc42-0c01a04b02be", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06ab62e8-e47d-51c1-8f13-1f5c58a8ec03", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2b9b2507-8cee-56c2-bbeb-a812c7a11343", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:320705e1-1726-589a-9b2d-d8ec98734b5a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:682c312a-db91-5999-b7b5-2d67186b2cdc", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:efb2da94-21e2-5071-b1b7-3f3371cb3fc8", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:73130dc9-18f4-5e15-aba6-e97a87a1da9f", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b95a398d-1d54-5a68-ae33-cd4979d8e658", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d263513a-8043-590d-b9d5-2420c7944e62", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-microprofile-tck 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:265f93e1-9a01-5f48-a222-3df200b407c3", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:63b847b7-c3c1-5714-a15b-1a67a9097bbb", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:409085d2-cb8b-565a-9ddd-992572a50810", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2b518593-bc7a-5221-b611-760c959a08cd", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-microprofile-tck 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8541a0d7-5c6a-549c-ad6c-1489dff7dd4d", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a6296809-b3c8-5e99-bc5d-48d657c79543", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d164c4f-311d-5911-9809-009ca686be22", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2b4b76c7-79bf-5699-80ec-09c8c6180c6f", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-microprofile-tck." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-microprofile-tck@3.5.9-tuxcare.4" } ] }