{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d940a258-ae5b-5eea-af48-dcc8768648c5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-cdi-base", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:05e78044-cf39-504d-9217-46ec72abbb63", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb7576d5-f7ee-5312-8b8f-3d7f50673bb3", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f8c33cc-74d3-5649-b1c1-71fe59ccf063", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21f17d49-99ae-5239-a6e1-455f56ee5652", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5a7788c-6945-5c2b-b28d-8a734cacbce0", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:72254271-3fb1-5016-afcf-cae063ebdbb2", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d28d17c6-3e86-570d-b989-9a76f3bb8e4c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c8bea97-593c-5ab6-8847-b79275a62512", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d91ba252-5c35-5fcf-ba72-3c9405f0f9a0", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e716bc0a-0134-5aea-8935-656c1ab1a1c5", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e17962c5-d330-5bb4-b432-0235cc42d8c2", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca7a14f1-8ee1-5f5e-b46e-f1528e1a36ce", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3001318c-82ed-59fa-889a-916151d4e5bc", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9222edae-5c16-5c1b-be92-a4fc79eeacbc", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6ad24177-ad47-5a63-bc45-a35e29c02fb5", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ebcda59-5eff-5bd0-ad8e-7e28262b5ce3", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4127c3e6-e614-5fae-bf75-3ff3cad18b02", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-cdi-base 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5a3e8cf-5385-5654-b884-412cecbd7fcb", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b659524-1960-54db-ab31-83e9656ea77d", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c56dd46-2ecc-51f9-8d6c-211005fb530e", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e4bc75d-9377-5803-b555-a37fe9725e6c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b914a3dc-5457-5571-aa52-807000428fb2", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:95c73c87-01c1-593b-a0b1-4bf055dcc8ab", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40db9697-9e74-5fd8-b148-c5f79d6ba683", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:057f5975-f161-557d-84fe-852b41151dc6", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e434885-45ef-5678-bc3b-cc5ecc32ba81", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-cdi-base 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5ae88063-f966-561f-8644-8b844ae6a230", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d9b5121a-b60a-59e9-9551-1face51d283b", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25b61dbf-892b-5ac9-8133-125b0e7fcbc1", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6cec5c8-59c3-5fcf-b97b-0b70cfa38603", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-cdi-base 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3cd649cc-51cf-5db8-b88e-05a11475750c", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0883c6cb-c174-55da-8883-02e5adc4258e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9e690a4-319e-503e-8d59-e663b5aa7e9a", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac8b03a5-ebcc-5b54-9af6-3e2465686592", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi-base." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-base@3.5.9-tuxcare.2" } ] }