{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1d39052b-b7ae-5da3-b567-975ea3aae4a4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-ci-webapp", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f88322b5-b446-5dc3-ab41-6aa3da6e14fa", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8b4c08a-f328-5c16-adaa-f9c1efde8543", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4bff5958-ab1b-5378-aece-2d36960f8165", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2f98dcc-0526-5649-ac2a-08fd4e6c6a5f", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92f99175-7392-5983-ac08-3a2b7830c2da", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ae7c917-1975-5ff3-885d-59b7ecf00ef2", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1d406d5-7842-5c8b-8b4d-2d66fa111abe", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd23f9d7-cbf7-5926-9b4f-539dff7f0398", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f126cf53-56e2-56fa-8349-6a8126556c8b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74992b23-cd1e-5acd-bfc8-b4f53b928599", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a05b40c5-351a-5478-812c-7b45f9283cd5", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0799e6a4-9cbc-58b7-95f7-3002776fa9a7", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5fdd2c3d-87eb-50f9-886a-420ce3f74529", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8851fc5-d0d7-58ee-a755-d060d4bb0a31", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7cf57182-6644-55de-9c28-1c7f9a91c478", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:760d7389-6a10-5d3a-b459-a43403248862", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fac30d6f-2c4a-5944-b7c5-08428bc460f3", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-ci-webapp 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de3241c0-a876-5c50-88d1-038280e1d17b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f9b2e9c-6f85-5179-afe3-7b6bf365ed64", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c5f1c46-554c-56fb-83db-daf604e17f30", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ec4bf54-86bb-5d5a-a8d6-78688e684308", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55278cdd-1757-57d9-a510-7f434d1ab341", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b97a7da-e58a-586c-8325-9f1ea9b23027", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:141e8415-f92b-51de-83e2-d83e8f6a09da", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4217834d-e5db-5a8a-a114-6202b0d0b0f3", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0fbb4d5-3ca9-5985-8a36-2a1c4912c45f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-ci-webapp 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fc8f76c8-35c3-54a5-b62e-2e71ef0176f1", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a21da47-19c3-5033-a498-1a37eda6f121", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3622164a-b677-53ad-8978-260293f1e6a2", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0fad236b-f3cf-5618-a15f-bd5b9c046f41", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-ci-webapp 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30784a1f-2519-5558-b02e-ac10d83fba49", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a9d1159-32c3-55b3-a4be-37d03974ae7d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a81db69-4c08-54b4-bc8e-9c5496ae40ef", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1047f12a-5e65-5d5f-90b2-6c6fa3977343", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ci-webapp." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ci-webapp@3.5.9.tuxcare.1" } ] }