{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ae4c7410-993d-572a-91eb-6ad0c83f41de", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6", "type": "library", "group": "org.apache.cxf", "name": "apache-cxf", "version": "3.5.11-tuxcare.6", "purl": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:234475dd-5cb2-5fb3-b0b0-9acd4d7b7a3d", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:07dd6499-a55e-55cd-bc48-f617909a52c1", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7003441c-7884-59b0-8bed-bcfbc4a013b0", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c23349e6-84fc-59c4-9a42-00cfdbfec924", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:71825acc-666e-5eb2-b016-449469d36664", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:14b69ae6-84e0-5557-8ade-f6c4154998fc", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0a13063f-fb7d-5801-aeb1-8aecf5e4597d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:37576870-5db9-521d-9de9-175b50aeb00b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b62a7999-4f7a-5293-a5fa-3302aa0220a5", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4a0216fa-68a3-5456-b492-4d0184f0f28b", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:50fb2e60-bffe-5b8c-b356-61ee2105afb9", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f6f8e703-4128-5ed5-82fa-2b95c14c4a8a", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:35a82710-1ab4-586c-836c-0750476f7405", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:81449bee-ea9f-54dc-9553-7a42bcacac32", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c17378a8-cd22-5648-8d04-c7951883799c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:100594d7-9c34-597b-896e-3f985a25b44a", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:37c1d0ec-6b65-5a14-b0ca-48361b9feefa", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8c816572-7901-5eb7-9f34-41a16b732635", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e725a6f8-d485-53ca-acae-95b8d80b61a0", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:13f0195a-bd8e-501f-a79f-c8da76b44fd9", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c09facf1-ea05-50c8-bc5e-77046fd52f00", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7df312d8-9ffe-5462-abb8-519f4f206aa5", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fbc5c876-8a00-51fc-9cd1-1575ceea4f90", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a4cb2e44-067f-56f3-b05b-4feaff7d4161", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:baae52e1-7dfb-5817-b8a6-f600eb92be44", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:905c1ff3-f787-5500-bbab-4c2313dbd49c", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:apache-cxf 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a03b29b3-f41d-5258-bc93-de0f4eb5ab59", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d46f7b5a-47e7-5739-b484-c94cb53345c4", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:apache-cxf 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:feb29cdb-c9cf-58a1-ae73-7042a325bfb4", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5f96093d-a4f6-5164-a38e-c91b847d9802", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:apache-cxf 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2c301002-d603-5dc2-b806-dab838ccbd27", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a230248f-31d5-58d5-ba46-1e16d5f4d3bc", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.6 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.6" } ] }