{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:76be1815-cff6-5ec8-a0cd-e1f642ea66b8", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "apache-cxf", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d23fb817-1e87-5dc7-8e90-ac30d325f160", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1c4f1636-4643-5099-ad75-e92d4ebb2aec", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7a51d46c-7b14-529e-99bd-5bb00cd36b96", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:36a892fd-dba2-5090-ba92-2c926b8814f0", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:61c5e399-0633-584f-ba9a-b4ecf05c9052", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7058301f-0055-5ff9-b1e7-7d97646206cf", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4095268f-35ad-544a-9ecd-20cdc32395a3", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1a412df4-7b6d-5db3-b4c7-50da616aa0e1", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3a74f438-0c97-5d81-8566-888fe8750773", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:23c7d6d9-dd19-5d9b-bad7-d26cf246a1f8", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9b2f60c8-50f4-5ae6-b631-f829abd3306f", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a03bae9b-60c4-5896-a0a3-9f5d277e3f10", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:06f77687-21c5-5c29-bdc5-b906fbc3b2c0", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:05dbaa48-8122-5126-8994-382dedb18506", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1cc2cdaa-acec-525b-996e-e053f5aced1d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:238edc2e-50a2-5725-8205-2c98cdf0467c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:831a3bfa-9c39-554f-ac16-ff46ddbef0a1", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:39401a6e-da34-547f-9dcd-9a9141bd34b2", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:74c0e7c3-b895-5745-a6fe-06e043c278eb", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f754fdec-667d-5262-b107-f7d7fe9e0289", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d8caf5a-9b0e-5678-8aac-e2d36d5178cc", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0553b015-d075-50da-9fa1-d9e7d8ed096d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0f10854c-edd8-5274-ab51-14db90ff6c0b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0034b0cd-0271-5e24-b544-4056e8f44d8c", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:206540a4-bf5f-5954-85c4-dd30194c943e", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7f8ed5df-bef3-5410-a7ef-c768daed9f71", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:apache-cxf 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eeaba86b-dde2-5b2f-9c14-e25c0ee96c37", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cad06166-58f1-5920-9e36-3b53998795e0", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:apache-cxf 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:83c27623-73dd-5bee-8779-0d22863564a0", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4e077975-0819-5083-a15a-db9fd46788c2", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:apache-cxf 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4dea4da0-c0f5-5620-ba55-57c1f0f0bf75", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:006fa24b-d50d-5b3a-a667-732a7a5df46b", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.5" } ] }