{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ea92f7a9-cfd7-53b2-bfbd-3a731300785c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-ci-webapp", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:00cec36c-38f1-5561-95b2-a3958b096e41", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce573144-8d01-5f6a-b1fa-e1f818f7d981", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32c6c87e-76a4-5dbd-a2fb-b7e4524b33c9", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:679d36f7-4f06-5a13-be72-8d2cb36e1cc3", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b3986600-6709-5f4d-9010-f891a582ec28", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6613c3f5-ee39-5a4a-a02a-5d4000a9a469", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b6f727cf-d1fd-510d-a70a-9dd80bcf4cf6", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0ffd6ee6-560f-508b-9dc3-8ea6c5d8cab4", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ca56b88-47e4-5dfa-8fa2-cb3a1d65a6a4", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c2116f8-93f5-54b2-9252-f21b887581b1", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0ef458b-0ce7-5065-a7e4-96894861eec8", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9fae98fa-07e3-50ef-b1dc-5807186d4e2e", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9bfff4f7-5464-520e-9fda-ff4c7602daab", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:03d518d0-817b-5d77-b232-32f9921e902f", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:930337df-4b02-55fa-a824-e71ac428bbe3", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5149173c-cc9d-5145-b6d7-385789b5d36f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0f7d0623-051c-54a4-86ba-f075f9d2f792", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-ci-webapp 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8da68fc1-7ca8-584c-bc1c-c08f508f0f20", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:57d8e0a5-eda5-556d-a86a-ec72d7cdf9c1", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6c3565fb-ba1d-5d7e-9328-0c7c9c222ac3", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d69683e-053f-55b6-b56c-22ad705c17fe", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1ade5844-f90a-52dc-9b2c-83d5f37167d6", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac1b7e9a-6041-5e75-bdf2-6bf4420ed4b3", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f42c68e1-fa7e-537c-b147-fe4ed4f03897", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aa27d62a-946d-5a32-a5c2-04a74d986f6d", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4bb0ea20-b9dc-5c64-bbfb-b549d0f275c6", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-ci-webapp 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7df57a3e-0713-53e3-8e0a-6ab7dea15632", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c38eb325-0e9f-54ef-8ec5-036c49439783", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c044174c-7c36-5c72-907e-5fbccd215d2f", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f9049a7-7bc0-5cdb-b2fd-d1f0975a1247", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-ci-webapp 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e637e357-fca6-5940-b44c-158c3f20c522", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9dcb6549-9159-5dec-a58b-8f7296743704", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2e69760e-e3b4-5352-b739-6411bdd48d02", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a3895eb9-db28-560d-a9fc-2d95779ce1bd", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.3" } ] }