{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:11bd2bf0-7f95-5de7-8a22-c41c470f31ba", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-ci-webapp", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b5bad509-db6d-5167-ae0e-a93d9d8d4363", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce9f7f30-a0fa-53c3-9b46-e13ba02a8ff9", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6225524-8eb1-5a0d-b766-8f01d30007d1", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55c81c8c-ed90-5e57-9715-908728feadd5", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:349efa2c-adbd-5390-bf75-1609a78c2dbf", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:33d3728b-a0d1-5c5c-9966-1d8534361196", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da67120c-e57b-5263-863f-7e02c89be9cf", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb638c35-6801-55ea-b75e-6d88c85a7f10", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6810b9a0-d380-503e-ac41-2f13357701b0", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb9ad71a-edec-542d-a0c5-290e84836f98", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a37e7052-4a4a-5cfb-aae2-39d680d7d5f6", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0494157-aa9d-55c8-9b15-8d357cc69ab3", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e65cc37c-dd46-50ff-9de0-de1c6c2aefd2", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:956f6690-8df8-5278-8438-e462d89c379c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe406db9-b0a0-59eb-89d3-caa54e4c67fc", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4c7f6e0-08e8-5a93-8e7f-1d4bf9a35516", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7064a556-ba5a-5bcd-9a81-6776ce92c728", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-ci-webapp 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3a3cb84a-4897-51a7-b555-acb4db1e382b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6be03375-fe81-5de0-b2af-001ad03b8dca", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:585182eb-2eb9-536e-9443-2d4095c8a601", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4bef1b4c-8a98-5f54-b86f-97f667b3a49f", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:effdc95b-7beb-5d50-a320-65cf2141a7c8", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79a0dee8-7e83-5a2b-a97f-c480d17e4175", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:586de510-7e25-54c8-8aab-317a8c9b21e2", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4fcd6937-853f-580c-910c-b057bea196b5", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93659b01-e187-5eba-9b8b-204c708a1bd8", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-ci-webapp 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:310d4579-01fb-5cce-968f-45645c2935ae", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d7c3599-b060-599d-bcfe-785ff41a3e30", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2c93b67-6a53-5c67-89f4-412432741833", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65a7dc65-cdb9-5eaa-b191-e00ae32aae31", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-ci-webapp 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c8db3d30-007f-5ac0-aef0-17a5b36bb9fb", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cf43f81c-3ade-5ca2-8743-2eab387ee9fa", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e082f319-b0e0-5d11-b5e4-c27bd093354a", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:01e7e2c6-bed2-55a3-83ba-3ea091c3fa7e", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.2" } ] }