{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9313ab10-24d3-510e-9f18-d12cbf69fe13", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-microprofile-async", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2d1b60a2-0e12-5a3a-bbad-cefbb5065cd7", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:82f30dbb-5c46-5827-b962-7e2dae524bc3", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73529958-238d-5f3f-8b30-63b1a03686b1", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0f9f6a5-620e-579e-8b32-bb8d7e017e71", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68262108-ffae-5ef9-bef2-769443f21fc8", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb89cf90-0600-558b-a6e1-baa0fb146a90", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e615c39f-5de8-5753-984a-24e64554a4f8", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25c726f9-7a0d-5ffc-b4a7-b8f38f5dc49a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e56252a-98b3-5d82-af69-ae3d1595887e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58c8c5d7-4ab9-5b06-bfdb-6eaf31435b5c", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb985103-ffe1-5eb6-a5ee-e690d3bb3538", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63622c95-4c80-53b7-9742-508e352790b4", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5bb450eb-d723-5949-b909-919c2daf9804", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da0e38f3-4338-5895-ba25-93fcb72d19cd", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33110f14-3ac8-5f2e-8e03-d188577c7f5b", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cf8574f2-f366-57d0-a6d6-271f1bee86cc", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a136a2db-ca2b-5d59-b40d-3f77800e0eca", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-async 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e903cb35-fc2f-5c68-9730-fd874b36c67d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:13bfb1d1-9a52-5921-a5e0-6c0200d2e9f5", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a3c97d9-cd8a-58e0-a4c4-36fce2e09d9c", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:885e59c4-ecb1-55aa-bcdd-e58f5f4077db", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95f06e96-ebde-5a43-89b9-3fe2112cdda4", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98078f7d-50da-5935-bbb6-4fbd5e41abc0", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9214d76-29f5-55cb-baa1-6f94654784e2", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1951b85-fe73-53dc-9310-f63a0a8d0472", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3a79411-333b-54a0-a572-50aa7f7cd659", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-async 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:042f7c61-e716-51d7-b699-c673037ffe7d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5a5b0402-32ff-5157-91f1-7e2bcbce3fd0", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21143679-6ff9-5d50-9295-a13de8c25c7b", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:64ce1768-8e0f-5acf-a30b-1d4f98c8949f", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-async 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6c367fd-59b7-5268-aa8d-009c6a2c43e7", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7cc57812-81fb-5462-be62-df5288fcd19d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2fa96ce-f319-5577-8cd8-231187207546", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ff8b714e-d621-501f-bf79-6a85708594d6", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-async." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-async@3.5.9.tuxcare.1" } ] }