{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c6ee893e-a2c9-57e5-8dba-96fac8cdcd2d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-microprofile-weld", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:67e36f36-4fd5-5937-86f5-12dd7f5940b9", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed3d9c56-936e-50d3-9e87-8fafe6c2c484", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9b18f342-ea58-5dbc-a954-07fcd79e15fc", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1e228a09-3e0a-50e4-9137-b49b9e37f9e0", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2c0cb906-716e-50ac-8932-6f756cfa1652", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e589989b-eea5-5763-8cb6-c1667ae9c292", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1793a54c-750a-5644-8237-5d696123bcbb", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4849887d-798f-55fd-bb0c-48c5b368b64a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e2fcba79-b7c1-5309-9481-ed35c2d3e016", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0a0ef759-f2cb-55e7-9f7b-a822059616aa", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d6bc5d47-32ba-507b-9a05-db2ced567bb8", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d83cdf30-7af3-5b9a-910b-6334a3ee6568", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a974c7a-4e80-5531-8f6d-b854e56db8cd", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5fc6d127-e278-52e9-8371-55ad300b070d", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:215c1980-b70f-5fa4-82cd-ba36017ebef0", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac3f8c11-a6c2-58eb-adaf-69a30b6732be", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff63be49-47bb-5a85-9ee6-3ada53d56c7f", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:23346083-26a4-55f9-8b09-c87275c2cfe6", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d11075c1-c3ba-595a-a906-bfbda410a491", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4a88c9dc-6431-56b9-9ecc-18680d9df2bc", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:68d1cffe-7300-5c31-bc6c-77a2f704acf8", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:82b6e228-50d5-5459-a526-0cea63c5f109", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:da756344-5bfc-5879-9a4b-d36139fc147c", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:92688cf4-0d1e-5444-befd-40275686d56e", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6a7484d3-35a6-5d36-8420-61a2939fba70", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c11bfe04-8d6b-5bb9-9810-e873057bfc2f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-weld 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d2bba824-0699-55cb-acdf-41fc8321ca87", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d41466d5-3c53-59b1-b893-b8938a5ec00c", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-weld 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:524aa1d1-22b4-5802-ba58-f32a056da655", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a37b052f-53a0-5fab-8be1-35ec58603fc0", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-weld 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f7e1fd53-47bb-54c1-a92b-0d2750a21c9d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f8dfa779-1435-5669-935b-b13890b40998", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.11-tuxcare.4" } ] }