{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:53bc517e-a188-5737-8e41-ffb08ec1fad0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-microprofile-async", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:491f19f9-6169-55e1-953c-55e6b1b09b60", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07fd35ba-20c9-5689-91a6-20e33b9ac3ff", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3876f928-b032-5944-b2c5-ee068cc4494a", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29a3be89-51ce-594e-8f57-889fa02bd96f", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f43a0ed4-fa2e-5f0d-a0cb-a49594c526b0", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb0df37d-655b-5d6d-9625-6558c09c1870", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef7ffd18-bc10-5814-96c1-9d9aaa3625c0", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7c08c7a-7175-5e32-96cf-85d5d9ca3acc", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60234d20-8e81-5c22-bafd-aaf4b9b7a102", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:51587074-f6e0-515b-9464-9f171815c7d2", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa37b975-cf16-595b-9de2-7112ba76b420", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38fb9d5c-9c96-5598-82ab-9366733c3e94", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ed642b1-e970-5063-962e-7ac352bf64eb", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:50ee48f9-c806-5c5b-afb8-b87a1de8343f", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8bc14db8-4714-56a7-84b3-1735a217a2b5", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0fd5d63b-7c61-523f-a9a8-ef774b5d4db5", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4862a62-d93d-5e21-a2a5-fccc6bb45994", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-async 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76e4b194-fcc2-541a-9763-f72d95f408dd", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f79af5c-8cd1-54d8-9e2d-e7ac9830b52c", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff8a8e81-3df4-52e6-8342-d81463140c2f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e18063aa-74da-514f-9889-2cacd38b54dd", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1cbeb2c6-0a86-5338-8ff5-4f7d88a10c88", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ccb540cf-6360-57a2-8ed8-d18ce7d61fa8", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62d7745c-644e-5b81-a705-38fc9b1a8bff", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b7d07c8-437b-5d03-9b62-c309fe5be8d6", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5281b4ef-efc0-5480-9483-bd72fc87e3b5", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-async 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3cd18541-2ad8-5489-b7a9-b942cf8a7243", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc615c40-dc03-5c2f-93e1-50c1a5810359", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce26b713-a35e-5dd6-a2df-cfad28d55d10", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97f0b6fa-2428-5702-aab5-efb739b42bab", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-async 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b09e217-263b-5d95-ac82-7a389ec35d1a", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8041d24e-b324-592f-a4dc-622b4475fe3f", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbd993df-7c51-5435-b0f1-d54652f6cc35", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:073c71d7-8c8c-526c-ac6f-b5216f13bd0b", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.2" } ] }