{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:30f7884c-96e5-57ad-9063-97fef22ee4dd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-microprofile-nocdi", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cc41ff3f-5be3-56f4-a167-3ee52254768e", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bd7ad8ed-ea6a-5e0c-b1ff-9b170b63ad1b", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6aa704a2-ec46-5cd9-8d42-fe5380c3af6c", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36cdd5b3-d162-5469-a8ec-a0261b890bf8", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed2e7cec-22d5-549f-8a73-9ec1565570e2", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b03fc3e5-727a-556e-a8db-a4aaa84594f6", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0082355a-0337-5d64-8115-9276a4e16b78", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:680bdf63-868e-5728-b31e-f66c028f09ea", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18f40c11-b5dd-51f0-9783-08b5562ccdff", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2e25223-5016-5ab8-81c1-ce66e4dfe1e6", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79a31dec-cd9a-5c19-919c-805df65f1d57", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2a66cd4b-193a-5283-af25-b7e867821165", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c24a1c89-69c6-5012-9a14-8a3f4a1c6333", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92a26a50-09dc-588c-b284-bcb6042408ba", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6b5a802-eeb3-5623-89dd-8da2e61ffc7b", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a49b6c4-6935-5e72-a86d-d05b35bd6111", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f10a65e-dda4-5943-8aa1-98cefc2c4030", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-nocdi 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:27592a3a-9a77-5917-a31f-d930a45519b7", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbee5185-b5f6-501c-9d0e-093e46871065", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8892b0e2-76b4-5ccf-b11a-33fb6545bfdc", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:74ec3562-798c-5526-9e74-f0ca9bd0811b", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92db829a-6ccc-531e-ab13-f1bbdd82ae77", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:edfe60b3-04f3-568d-8edc-b5675d523b36", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5bc8835d-1990-5a1b-a74f-d9ab6e0ba26a", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c31fe40-901c-546f-88dc-4c1d109b83bb", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:32c5ec3b-34c7-5758-8fa3-583f8d0ddb6f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-nocdi 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c160dcab-8603-5e79-92af-f1424751f80a", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46d3e268-11a0-59f3-be30-63c12d4af297", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3fc44bd9-2fb4-57e6-b61a-a2a7bf21c785", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9367db28-3cad-57e4-a5f8-d13bed9767fe", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-nocdi 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dedfa34f-65f2-5837-b30e-a252c39d9ed7", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cfc61861-b30f-5a3b-ae96-a8a848285c56", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ffce441-db12-58de-995e-998dd20e69a9", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:575c5a12-8502-57fd-874a-adcefa248761", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-microprofile-nocdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-nocdi@3.5.9.tuxcare.1" } ] }