{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:44c27155-11fa-5c9d-8f3f-ddcfe218bfa3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-microprofile-weld", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:11bf09e8-a6a9-5708-b829-1f1b46476246", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57697305-92c9-5b25-afd1-6ed8417fe217", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21e4358b-256f-5f6b-9031-13007c703813", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ad2bb81-6596-5fac-8ad3-b02c95924a48", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3736b3c5-1cf7-59d8-8bc7-672b7080819e", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df956591-8413-59de-9836-c3e0a68ca8a3", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90639f76-9769-5641-857b-5598b9ba73bb", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71f2c656-e73c-5e9d-bef9-63679d048700", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e30d26dd-ea2a-5632-964d-a5bb9e1ee806", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09bb47be-58ed-5fbc-83fb-edc17e5dbaee", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a10d4c99-4693-5b40-aef2-c81f6e8189e1", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06f4ab91-1036-54e6-8fb8-781633fe1400", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d4dbcc5f-acee-5439-970a-648e5aecb895", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4368c70-b225-55b2-8045-bad821dde9ef", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d890bfde-a659-5084-8282-8ba3671352a0", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26fdd1f8-22db-527b-a88d-a9d10388716a", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:526befba-68a9-52bc-8a76-bd49f8d87f76", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-weld 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36315728-0318-5b92-83ad-80e620565aeb", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f58c21c3-3b5c-56ee-b98b-464e45142cb3", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:657259ce-a948-5334-ba88-2fa8590012bc", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4edad6e8-cc73-57bf-87a6-ec5dd0ee2d51", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e39b0a9d-10a8-5f65-a049-f96bb8c4ffcf", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:534736b2-026f-5dfb-bb7c-20ef00f99561", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:777abaef-d774-5fc2-856e-6b0e1d0aa6d2", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3247b64-710a-54a7-8f25-50395d5a793e", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee278333-0fa6-5656-8368-502325b6b2b6", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-weld 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90afc1a1-5686-5109-a815-8f2c52e348f5", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:776fd31d-3c74-5b62-a8b0-592bb6bb22cf", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5666fd5-0bbe-58e8-95ab-1ef0012ae6de", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2d9bc72-e71d-5e7f-b92e-e1b08f8e25c5", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-microprofile-weld 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a81e48be-fb66-50ba-99ac-1d45eb6f21c4", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a24b1a7-d86c-5d18-aada-54fa513e2240", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c68f5a4-6c6e-5fdd-8147-0b57835143d4", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:63152d22-162b-594a-9d1a-97c485bc047a", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests-microprofile-weld." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-microprofile-weld@3.5.9-tuxcare.2" } ] }