{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7d03d04d-6980-5ce4-a473-291932ae9bd1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-cdi", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:93b69135-e3df-5de5-98e5-357285b77e0f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d9a3980-7867-5b87-a3e7-338d06b6b2bf", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c107099c-39c6-5771-ab70-fd6b11230c25", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3fad26f1-4477-5739-b0e5-260d50b79de6", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5703f545-b1df-5881-a098-fb116d9ae589", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:beb659ab-d235-5e10-8474-e9ddc8d4445f", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2e274fb-e0a9-56c4-bfaa-8fa04c9c8b0a", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:99bffece-6904-56ee-bf35-9124572eb727", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b175d281-6baa-5fd8-900d-27231481be4b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b864e3a-e523-523e-85ac-d24c5fae494a", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4117bbe-254c-52e7-ae3e-76f326478822", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f0e3562-988b-573b-ba04-850c07b8b612", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5099cb78-bc90-5fa7-8115-b25bec95bfd5", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c61a811-5476-5d13-ae2a-5c1b820c4b91", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9e022bf-102f-535f-b721-883735258e43", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b59e846-df30-5655-a77b-2ddd08d1de92", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dff10003-716b-56e5-a900-503390f88f5d", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-cdi 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f4d6029b-1279-5377-abce-320f4e0050e1", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6dcd8647-ec30-57ba-9576-7c038c694d31", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38ce6003-848c-5b19-8471-280585cbd04b", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e15ee7d5-3241-5c87-a95a-5f0c54a062fb", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:170b3e4a-c0a1-56e5-861e-078ab831fffe", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bca76c17-e312-5a5a-9b2a-c9554e66f905", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93bc31a0-1512-561a-91f7-0a4b14d69cf4", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c654d4e4-52ca-5f9a-9882-f449495a6836", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4bb81dd4-ede3-598a-80ea-75b932606955", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-cdi 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb40541d-323c-577c-ad91-8974bcdd2f6b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3acdc14c-484d-5683-8a7a-d86cc72e482a", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:688ee958-b4c0-59a1-9341-965c2530fa47", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8fd9dcf0-f03f-5132-9c49-9dc01cfa8827", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-cdi 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91aee7c1-bdc6-53c2-8e01-802b1174737c", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed5d646e-a95e-54ed-9996-ddf4edd98cf8", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f993c6a3-0a56-5973-a0af-06063860f523", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db0c42e2-eff6-5857-ac5b-8aeb34148491", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-cdi@3.5.9-tuxcare.2" } ] }