{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b632897e-87a7-5377-b565-28b75c3309e2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-ci-webapp", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c402d41f-8e47-5641-85cc-7fe0d7cd56bc", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2c641165-d63b-5ac0-903f-202f7c9b3d6b", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:53cfb1fc-78ca-5a5e-8c55-b1f02a90fbea", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a3c4ea8f-ae8b-5f63-977a-8a242c95648e", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:833f3dc2-32c5-512e-9b37-4af0e3798331", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e67b4eb0-9b1d-526c-a51b-9be1b063dbda", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5363c4b1-aae6-58d1-9e0b-b73287d95c24", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0bfc581-6582-5a83-ad9c-ce441fb0c134", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f50cbc15-c374-5ccd-90fd-4277d013762b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:494d33a0-543f-58ea-a6e9-da73b0bc049e", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:29777fc9-67f1-5fb8-a3f9-0d00e48b45d8", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:44e380b3-dea7-5be8-a313-58dc7ceaff1f", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fe6faabc-8899-5e88-bc85-0a99ac64a0b4", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c8c6c67a-6c0a-5447-ac8e-627221d4ded0", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1add3c3a-0b9e-5b6a-924b-8a575d3a75e2", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:42fb3be4-c9f1-5fd0-8af3-e0c35962ca56", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:575d30dd-69fe-5cdc-8a0a-6f8d8eb2b709", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-ci-webapp 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e55fd91c-de18-5d8f-bc9c-208b4d0d8430", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:866b8ba6-1c25-5e1e-bbb0-db7eb6bbfdac", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:82523cbd-f14a-5b66-83ba-ada7f1d016c1", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:641cba25-5f90-5b38-87ca-d3063cd8b4d1", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d565b1d9-6ea9-53cc-8773-283cc95ee0f1", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:da205e67-c9a1-55f8-875f-3db331b7d7aa", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7ba7d59e-14e3-5d26-baf7-a49c2ffeeb71", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ceb0e8cc-4664-5efa-b67b-d1e217eccf57", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:937d6850-656b-5def-834e-7d1e80e974d2", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-ci-webapp 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed4fbdf9-c876-5e1c-9677-509a7322f433", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7234b139-9887-501f-a202-29b2ffbd8d80", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5fe4190e-1743-5ce1-ab20-27b56d22a701", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d6c592b-cd6a-5739-99fd-bf118d37b62b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-ci-webapp 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:710d0639-48c5-5436-a95a-1d77d3fde4c8", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b714d7a8-3766-5443-ad33-27e8fff54874", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fa43b4c3-67a5-5859-aad7-7e7612f868ca", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1659067a-62ab-5f80-9795-a822da52c73b", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9-tuxcare.4" } ] }