{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c939af08-833c-59ec-b5c9-a9dac71619cc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-cdi-weld-producers", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:52ef3e7e-1a04-5882-80ea-c184b577ba81", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:df58b30f-b538-5751-bf89-45e1b07eb045", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:479acc61-20a5-51cd-81ca-1c07bcad7061", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ef624d0f-6e02-5bf0-b2fd-c9c771ce637e", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e95ad68f-8301-5801-994f-924a8af48755", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:82221be6-31b3-5af2-ba13-72f859a5495e", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fc6ba05a-7d91-501b-bd72-8661d49cb1b1", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:86896a68-ed03-53f3-a591-dc01ce35c262", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e3fa1d5f-22c0-5966-b406-4e9034114983", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d8bbc6f1-bbd7-57ef-86de-e35ce4842f25", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a9d85a3-4d8c-5f36-b59b-deff771d5d23", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77edbd80-3e40-57e6-92fb-0815d1e0ebf0", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d08a7b7d-e1a2-5e86-bb5d-b0466a1cd384", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32d26fdb-bc44-5041-82d9-b191876e4cff", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:122252b9-ca75-58e8-8e1b-a13f85de9529", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:67fc1aca-5be6-5a78-a26e-69a958e3ac0d", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:242dfdd7-ef54-544d-8071-50d52f3835ca", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-cdi-weld-producers 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a830dea3-259f-5960-8b8c-ee4cebd13c31", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ad97f8c7-8fd6-5f87-844e-6418a44e2308", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:94bc48c8-0914-508c-b573-dc631e0214e9", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:96d3a657-7110-5ced-8d5f-a1e6332c9a89", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd0505e3-66c5-58c4-aa59-771ea5712cdc", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:27251b23-3d04-532e-9e6d-05023a5efeeb", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4e7fbd16-7e99-5da5-a4d8-772290154b70", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f2ac33cc-d6be-5c24-8254-1df7eaf8e969", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:14636d53-9f3a-5eca-9f7a-ba5ff862519a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-cdi-weld-producers 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a0991ad-2769-581d-9b3e-4f60fbde9642", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f4b5306-e80c-5da0-9eca-bd3406a8ec82", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c598b46e-ccf0-577a-b06f-ceec3243c130", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56925915-3bea-594a-9d6a-850cc6209773", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-cdi-weld-producers 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:05876742-04d5-5199-acf7-3107bacf7c03", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a41224d-fbfb-52d9-990b-df61d0d69d25", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2a5314d-5a40-5eae-b885-dfb327343919", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4f9ca839-4120-504e-94e5-b737d62889d0", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-cdi-weld-producers." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld-producers@3.5.9-tuxcare.3" } ] }