{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9077dcb7-31c7-5faf-9242-530422b18388", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-databinding", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7ea58b2b-a9c4-555d-a8e2-788030db93c5", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9e09174d-b5f9-5cb8-9a1b-dd10f18bb700", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:24713dcd-c04e-5fc5-a43d-8247569aa322", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d6f25d32-69cc-50a5-b83c-f66757da4e34", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f779495e-31ee-5a47-bfc7-35b441c9840a", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2253192c-7d7f-5b04-9467-9f69214ca0db", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dfe45393-6ae3-5da2-8b37-9c36cd5a1282", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eccef0de-9c5f-5fb0-9114-ff7a204ecc60", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:67b7eb09-c1a6-5baf-836e-834928080bca", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d0dac575-eaa5-5aaa-892d-d42221c2a705", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c2dd9bce-8abf-5ca5-be39-b6eb02eec6d8", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:356cce96-8cbf-5292-862d-b2caad8c6c8a", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ad28fff8-7698-53ff-b469-08eedfb32928", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1d4be994-3cdc-5eb3-b9c0-6b11f99e061c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d16b8aea-0ea8-55c5-9f51-ca6c1e98d8d1", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4eff1581-4591-5d6a-83c0-f2d542cf97b3", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c2c60747-1464-58e8-a878-d4fc3411bc5b", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0e0b2b46-a4e9-557a-9d5c-153e1f7f5110", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:af940b1c-3188-5806-a7ba-d46d04c7e828", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6db7fa08-4274-59b4-b129-ad9514622ebd", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8f6d317f-a141-50bd-944a-fbcf53fb5c63", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fb577e12-658f-5cd5-9de4-45caa8293473", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:65ff9129-d8c7-5e07-99dc-c63aabaddd97", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cd943dde-7bd5-5cdb-89c2-660ba09a94c7", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a4f94cfa-6d7d-541a-838f-287579c3ddd5", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:762f8c34-cdef-5762-a579-d143a6046064", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-databinding 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c14ee192-c0b4-5912-bb4d-2885dfbb9ee4", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7ffb02b8-5116-5692-8657-651e55bd384c", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.systests:cxf-systests-databinding 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:31340cf5-4a4d-5b04-a8c2-e5618960b144", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a932eac6-653c-5d1a-885e-a762d642c9c8", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-databinding 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0baed53d-f46b-5a87-9af8-80b0f446800e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e1f4533f-4885-51ed-b488-b806f0a50078", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.11-tuxcare.5" } ] }