{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:866a831e-8831-526c-93f7-334a467ca976", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "apache-cxf", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5ba305f8-c957-5671-9919-e070fdf220f8", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8c2781da-8a0e-55b4-90be-5901729c1dad", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:94100354-ac17-57f9-980f-3b8772cd01c3", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e72ba1de-e190-5637-bee7-a8fd4201b48b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:02522033-f66d-59a8-8841-ba81e08b69ad", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9ad8beab-7a2b-51ff-a492-b7b91c81f600", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:01688438-a641-5b33-bd2e-08466d6466bf", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a6ae5f19-b34f-5ad7-8b41-932144e962b4", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aff2e081-846a-51c7-ae91-99158fc53642", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:63a3fb6c-591b-5494-be6c-97762985ba9e", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:87ce26a3-b9a6-5124-9767-1a84dbcff672", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bd94fe2e-c793-5a5d-9a4d-41caa64f26ab", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6793db99-e2d6-5a1d-b839-45a28f1b35fa", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b301cf84-99f8-51a1-9bfb-131f07f4792e", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:776cc1cd-e6d2-5a41-bf8e-beb49be5251c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:58ec1efa-28a3-5e4a-8c9f-1a7249787dea", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c95008bf-9004-5249-933d-2250ebce6dca", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ab01dfe9-0af1-52af-a966-801684dfa7b5", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:03ab966a-2cd8-5089-a481-b35d78f1e9d8", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cbe778c3-48a6-5856-9c55-9c24b35ab969", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:147e6524-29ca-5c16-ac79-f5cca068f35c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e7e736ce-4882-5176-a558-08c79f3ce7d9", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b9d2ebd2-aa51-5967-9f92-23b39511c17f", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:357cd1d7-e5bd-5a9b-8d21-16804dff4823", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:60fd9428-95fc-5553-a129-2b1745962a86", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:34f9e138-40b4-532c-bda9-ce2d12f1a49d", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:apache-cxf 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:94685411-f66f-5ff0-90d3-0b7f982d1534", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0fc928bb-73a4-5c04-919b-d7ea6efc79af", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:apache-cxf 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f2ac5c4-457e-560c-8f13-4f824c94dca3", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ecbf19f2-5556-50de-8cd0-083d313c147c", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:apache-cxf 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:209e869a-f6cc-5e61-bbc4-a366e0d7bbdc", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e1f8d125-bea0-57c8-87d8-2f3b273c6df9", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.4" } ] }