{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0ff8a945-53e3-56b7-86e8-e11007898e51", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-databinding", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e5d63634-cb41-5565-ae3a-cc454fdcc12b", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e9cde3f0-7d4a-5c3f-9d4a-79c31941a1b1", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:533ab42f-4705-5826-8640-d9579c3fe4fe", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7074d0e9-cda0-585d-8aa9-c08c4b8b60f9", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c96f1aa4-859f-5bd4-bf41-acfea3a9bcdb", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5f703637-dcc3-528a-aaf1-ce0b4792fee7", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e0de143-d50f-52d2-9670-e0b8162019c9", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1988cac5-b44b-5f5c-b67d-0ccd2a84e602", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d690148-abc9-523e-96a5-ba3ca05717ea", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9cdfd04e-68e3-538d-acc2-fbaaf33ecac2", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04cfa840-3ac2-5bd8-8f5c-ad918fb0c8c4", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea65a9d1-fbdf-5117-a145-3bc175f62aa2", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd9dcfc5-0c5f-5cf3-8951-ba3da0cb7ac3", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f823797-c3b8-5d6b-aa2a-cec3b2792929", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a031abce-8088-514c-a40e-54f79438662e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67b61c86-fd1d-51a7-82d5-3d4d5481fe66", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b9c1b4a-4250-5c6f-9c39-cc2bb00c4192", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-databinding 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba8b393d-ec49-58d0-9c6a-ec9bd6c5a181", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26b5c4e7-6bcb-5e42-a45d-3dd55610c059", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42b54a11-585a-5018-93d8-63e790749fca", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9586f809-efe7-512d-ba23-7c2eb2765bba", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f93397a-1111-5540-b18a-36137c7235ae", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3053ee9-31e7-54ed-958f-190b26ce67c5", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2bfc0c9b-f613-5e21-ae0b-c53c287cd71d", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:89f787e1-5acb-58f0-90e3-6d993dff40fe", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:41eaee12-01b9-5bee-b5ea-2bb43b940705", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-databinding 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45905a4a-022f-5cdd-be55-34de30811bf7", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05a0af5d-7cb8-51fe-9c59-db505b6aeb77", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:192883e6-678e-5273-b55f-89e9134fb319", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67089481-4ace-5611-9448-d9e480082ba5", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-databinding 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4c228b9-d711-535e-999a-5421bd054938", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38eed0d0-d25d-5d9b-b641-7608ce8fd0cf", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b621f054-6813-55fb-aec9-ae1d7e065830", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1330b67f-aab1-56c8-b0b6-f2f0f6baa771", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-databinding@3.5.9-tuxcare.2" } ] }