{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f6dd0415-f31c-5cd5-8739-cca7a1fdd60e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-ldap", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3aa9bf4f-3ba9-5df1-98eb-5f330b92293d", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:146c85ca-a342-5c61-a54b-406c3b0879c0", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:13899574-bfcf-56c1-9cc0-644b21f0560e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a322eaa6-b1fb-5237-8826-256933479073", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4e0dae5e-98b9-5d62-8a7f-721bea80551d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32b19cd8-8717-572a-be96-c53b4a085b97", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:19e892ab-097b-5822-a671-686b7a34a14d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3e78309c-5a18-57a3-aa36-72ee01f9032a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bfc1b0f6-45a9-5e84-9f90-9cd080bbbbac", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b16ad057-7ed4-5bd2-8711-cadcadf928c9", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9f70a2ec-12b0-5e2c-b6c5-85d4040fc8f0", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6eac5536-8365-5d77-94b5-24c7995a279f", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:149d470e-518e-590e-a5c4-903d52fd306e", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5944409b-9084-5f9d-aec7-b4ffd0c9fda7", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a995822-a801-5dd7-958a-9ba185ae77d8", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0ae786dc-85b4-58fd-a756-5b34f40b2fb7", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32e41b41-cb82-5467-a3c7-21960f7669cf", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-ldap 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:88a5caba-16e3-5b71-8f16-da396187817c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f6928af1-ac35-571c-8dc7-ba8a8b32fe8d", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c3c59d53-79a3-5965-b56a-5c7fdabf714e", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:61283ca2-bc07-501c-a411-6a96df730663", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b0debd8-97f5-510a-8649-9c4d1dbffe18", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:62d7f4f3-1368-53b7-b06f-165596298cb1", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f7b746e1-611c-5144-9b83-df2e1ef44079", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4c69021c-dad4-5c27-a455-63629f53a389", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c2d2bd26-2a38-5ab4-8bca-9f27dc51cb82", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-ldap 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:701b913c-d7ee-56d5-b991-4185be05a6ea", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d4aec476-5f46-5600-977b-a7e94d34c08d", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f34ee133-5912-5ee0-82a6-188b966f1221", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:54b2f30b-2894-5537-9fff-8160cf79432a", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-ldap 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:adee0a4e-5dc8-5e59-9774-dfe4df7249ce", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f536e5f5-fb78-53fc-9343-552157f26c31", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a474040a-61c8-5cbc-b0d0-7f89ca9b4aab", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ac91076-db80-591d-a689-6b932e651f2d", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ldap." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ldap@3.5.9-tuxcare.4" } ] }