{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:41cb6097-8b79-50e0-a285-ba351fa6d123", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-microprofile-weld", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2077e0de-83fe-5a28-9e1c-570f8091cac6", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:28941906-9d53-517a-85cc-eb8ec13f05c7", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7be0b7a3-aa29-51bb-884f-0a1a4fe60311", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6d7bcb6-ec75-53c1-a5ed-cadb08010f58", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3dd5074-1821-505e-b051-fc24e17ff87b", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0cac4ff-ef0b-5164-b880-6f0802f02dcb", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c1ac7290-a73a-51f9-83b9-b369eabf5600", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76d0b323-2f36-523f-a476-20997485c586", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a4800f3d-fe8e-51d2-bd05-4bf00fbd38d1", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b428659-3c68-5b3f-ad78-9a0cd3364abd", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e86da4ac-9d6a-5196-a72d-390e329c3d12", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:73b4cae8-9c14-5532-a70f-e4e0db66c3cf", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1d4ac44-416c-5dc9-96e4-2b23552d76a0", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74e45388-fb54-52aa-9e16-ce1e95e8437e", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37e8df46-3ebc-5c00-bedc-40945162a58f", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14bb21c7-af32-5b72-819e-7d80df998d8a", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75392851-a3c1-5e92-8e48-56c6faac5749", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b6f3299-7927-5653-976a-a7be4c94660d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3b94f9b3-86c4-54f6-9d77-16b52c489370", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e0935998-d4cf-5286-ade9-5d3708c2bdb5", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d530ac98-d604-5ec8-a2a6-abeff40be696", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:97dbd03d-ecd1-59eb-b03c-9cba70c66023", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7a3a6e7-2289-57eb-bbc5-f2740f648dbb", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40da4ebc-32cd-5722-9d07-ee44abd06de2", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45a2132d-ef8c-50ea-a262-f97a0e706660", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3d6b5f2-e4b0-50db-aee5-492ef57d2d5f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-weld 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd269e77-3547-5e17-9f47-80314b42f2db", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7aa83820-4f1b-5b99-b6a4-772bb2dba702", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-weld 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26dd62ae-f032-53fa-9a5d-18c7fb9f6149", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c33fed0-9980-5d18-8394-ec9c29c5e96d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-weld 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1b75fe6-0973-58c5-8f42-706f0bf0fda1", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3c0ea76-c6b2-5629-a9b1-fe76560e3580", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.2" } ] }