{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:64a6888a-455e-501b-a6b4-2c12cb3efa86", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-microprofile-nocdi", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:07f341e0-7a71-507a-8315-f52f4f849f61", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e5a669c-dc9f-521c-9391-e245763f9030", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1de35b40-cdfd-54a8-9884-d59609afa72a", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c97462dc-08c1-548b-9904-b47f3280c1a8", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2090fcb-3ab5-53a9-be08-25c987e40893", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3452e4b-e09e-523a-942c-06d1e7f8986d", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26e6815f-4fbc-5349-81b2-2a7648de3213", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dba33594-497f-5acd-b924-4afec67a3bbe", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ff395cd-3409-5841-bc99-4ebfacd8b4dd", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac289402-f06c-57f0-a4f1-7e5a2aa219c2", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6c60f93d-5ff9-5313-80a9-68e8c4d39dff", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b0ed974-2aab-59aa-a90c-2c10886f4331", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3088e246-5047-52a2-8286-7a1ad090175e", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32cce93a-21e8-5057-9fa7-7ae4ef7b5724", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cdc3492a-fbb4-5539-8c59-8a4d5d065c88", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c213bfed-9f74-5e9a-bd78-f032fc6420c2", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f67d66c5-c1af-5020-9f4a-3f73c4a0fc27", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-nocdi 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:82c7fd30-664b-54f7-ab09-f8ae09cb6b10", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:72802572-db1a-5e55-afe0-7fd301bf7cd4", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5aad8574-c843-519e-8208-7616545a3821", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:713145f3-f38a-50dd-bdb0-5ff23fb00c63", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:56c112a3-8041-5200-8006-65b4e85a4996", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ff345649-a084-5989-bf07-58abf162d276", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:975a5f18-60da-56f6-8f21-0f208e91732f", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f20a2c77-60f2-5ce4-a2e4-3829a39bc258", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5fe1cd1f-06fc-5b4b-94b8-1eb079d6a37e", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-nocdi 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eaed6e5e-4ab3-5625-b171-449fd9f6a063", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:056d2a66-ee53-575b-aab6-67628aa18065", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e8d759e-c3d5-59d6-b849-56ee24f5c187", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0b61f0a-10a3-56f6-a863-67a99949524d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-nocdi 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:54d3a034-b199-58e7-934a-041f3e055218", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84005842-28c2-5fde-a699-9f2dd3e5f21d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1be9b58-622e-538f-8206-071b342929bb", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ab1904dc-f257-56b6-8984-9ce2a593c6d8", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9-tuxcare.2" } ] }