{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0a4f1030-43fe-5f17-b156-64d8163b71d6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4043c322-35bc-54ed-bddd-2061cb5bec25", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9db69a7d-594e-5d05-b938-5d3daac67a21", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7f23548-5206-5463-8c71-ba5179db3da4", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c98fed3-8c2e-58d6-9d54-f09f5512b8e7", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9cce075f-7066-550a-bd39-93fcc74eb11b", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04487ef1-3437-5538-8faf-802a1af1cc3a", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f8f8c79-3a19-57a7-81f8-f9de7172a15c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:def1446b-4e13-5737-95cf-85a0ad3ec1cb", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b70eeeb-e1d6-5254-8b61-25aebbb66440", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88b8881a-e7cf-52ee-83be-3241aaad7c69", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e74a08a-7335-5fd6-8b41-ef472e54c4b2", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e7e589f-cce7-5689-b924-06f086767c02", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5af21ed6-731f-5e97-a4aa-60b987f73598", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c59441c4-2e46-5c81-92d4-ecd11f8d316c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5cce770d-4546-5dba-be35-3125d7ba2e69", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08e3ee2e-50b0-50e2-b2d4-0a10786eb12c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20fbfaab-f655-5fc7-92d7-a821b9d46c07", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5fa3c0a3-f4c9-59cb-9154-34dff004cc02", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:140156ae-723d-57ee-ab5a-97d96bbb9383", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dfe90383-0bfa-59a3-a974-2aeca1029ca0", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb472862-c27a-5bb1-8f3c-bf6e6c3adb4d", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2290bf03-65e1-5487-87b8-ec30efe5547f", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bbfe239e-b027-56bb-bbcc-488c281601a5", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:227a7a87-b580-52db-ae05-e341a8c5f567", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05dd94a7-367c-5a19-8892-d614e3a7c5fe", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6bcaf600-c2b5-5cbe-9c3c-036824d3d55a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b79ffea0-f96c-577a-9c06-caa75708ce15", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2852e28-dba8-59e9-8e06-6f05feef4d89", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f2cd3067-9ef9-580d-9f66-9a46f5003f5b", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9de7d0d-bb11-5851-a896-674c75a944c0", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc7196bc-bb7d-5a92-a39d-29ba569d3aba", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10550c92-aede-53de-b081-20d0f00fcc82", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1d88be01-0d64-5a02-ad76-ebacb8f5b2e6", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b9a49a17-ff0c-58d7-9005-8b28eb081bbd", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.systests:cxf-systests." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests@3.5.9-tuxcare.2" } ] }