{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:07398208-51fc-5328-bdb6-90d6f39c4cad", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-microprofile-async", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:044b76ba-ed25-598f-9d67-515f3f22c29f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a03b9d65-0086-51e8-a1fd-1f4e3ac02dc2", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f5e6b397-3a06-5574-bf55-19397c4c8a1f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bd298c0e-9ade-5ca4-8f6b-7936a7e6f982", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:390ed154-7a48-560e-b607-7af91697ab4d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e716d8ab-5c6d-5d9d-bfa9-166661a005ac", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:83630516-73ed-59d3-979d-090fdd45c38e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:50dee0b4-31dc-50c2-8d0f-57b8e20c20b7", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fb640330-b8a5-5000-b334-a10039957842", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a08399b4-eb92-5144-b5fc-2942f6d7fc36", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3dfa1362-c73b-5560-9214-1579ff2025bb", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f2083f2b-61ac-5dc9-a332-4495a8b12dde", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:86ba7eeb-7ff1-5484-b313-82979ccf5673", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4a53ff33-219b-500a-be5a-51a01feefbcd", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a551deb0-37fc-53dd-bfbb-bb0bcc76ae21", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a913d05-7322-561e-972c-42afc48e37b1", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac6b898d-88c8-5437-9d4b-b3c15f59610a", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-async 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f9af3baa-6327-5ca3-b93e-00c8f7954eaf", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:af9e60f2-8abc-5cff-870a-7cd5f96d2705", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c565a833-8485-5851-a815-f27eb0d5c8ca", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4eef616e-6d29-5438-a5ea-23bbb26d546c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f5baa972-b36b-5485-b031-05773555ba03", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e762c679-cc72-5080-bf1c-5867bebdc0d9", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dbf83843-a967-589a-899d-f7589c198868", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d963b285-1229-57d6-942d-947ff738b8ea", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f95abe2d-4b67-5c36-906c-167e6fe1eb1e", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-async 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f546fdfd-b4f4-5169-8f6d-28142c052e83", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f52f750a-4bae-5cca-b732-8ab62f25358c", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:92419ce4-18ea-55f1-99d6-4a827b5d989e", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2070941d-13b6-5b6b-a6bb-95a5f4b6daf6", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-async 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3729bd81-202b-5858-9ca2-51a6056118fd", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:71eaeb08-d9bd-5c5b-a03d-d9c34c3a9ea0", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5457d3f0-7d73-5f13-88ee-632e3a550b6f", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aa546447-8d8f-553e-84f0-7398012a20dd", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9-tuxcare.4" } ] }