{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cba60677-14ea-5ce4-bd53-85d9a3cf9700", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-cdi-weld", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b4b3bbb7-76f4-5ba3-9c83-c0e28cc56313", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:64e612ab-7fef-5c0a-8d3c-336cc144c6d9", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3c1c219f-d8b7-5cef-93a8-76935ee2c63d", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:502e2c6b-3273-5259-b83d-dcb7cee83a71", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:81857560-c16d-55d3-a8ea-41ae832cc44c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:11231390-922f-5e91-b437-6dd171e5a704", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b223d380-d537-5032-a79f-7c9f69fa708d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:339aa3c8-7f8f-56fb-8a52-bdbcc4105cc7", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dbee8907-ed17-5c75-a813-226d02dccb29", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3e9d7c36-c7eb-52b8-b5bd-ddb6770c9cb3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a456401-5205-5659-a235-9e0f4e3c815c", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8157d422-4b53-5920-b9cc-04ec1e4cdeb9", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:75226d48-38ca-50ca-8437-19027693b6f4", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d813f118-06b1-5dbb-a21e-647e1be52fd6", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6d6a7788-df70-5b36-b9b6-4e479d371bb7", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:27b2bb39-1285-5483-9af8-b0d187556396", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1b6277b3-31ac-53fc-9c21-a9b83654a04d", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-cdi-weld 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2088fdd5-3aec-5aed-a378-30eedf0b0ff8", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:563e85f0-79e1-5d81-b19a-b4381a60f01f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eac4315c-d616-5758-9e05-90fc94e69b6c", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7380887b-b8a0-5d1b-b050-fcfa489792c1", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5609a468-393c-5403-84fe-180fa7480ad8", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e111069b-a696-55ff-b4fb-ad0675299cb7", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cba1faed-647a-5578-9878-27329d7b5e04", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8a2a904f-574d-5455-8105-18e0c4e11e78", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6cd7f282-639d-50d2-84a0-0a5487ced9fe", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-cdi-weld 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d9a4962c-26fd-561f-9b4b-05b85068f46a", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df185536-4d9d-5601-94a2-fc4432cc32bd", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b4a70538-3f56-50c4-beda-be788211d1b4", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8a8da32-4d4c-513c-ba6f-790ba1855608", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-cdi-weld 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5805ff4c-560a-53bf-8168-82f10f484672", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:459fb315-43e5-522e-b08f-0194202d8da8", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:19e428b3-c4f0-52d4-81c4-2467c697bee3", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:018cc6b5-7a96-5acc-8052-2c01e9c67270", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-cdi-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi-weld@3.5.9-tuxcare.4" } ] }