{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ba18e801-7a98-585f-ad52-489ef6854841", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-bom", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e333e8b4-0171-5d4a-89be-71112e2b6a2c", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a7994f6-eff4-5e77-98d5-4a913b7a0c80", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d887d3e8-9d95-5538-852a-54139cf0f972", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:28160757-a676-5884-9ff3-33e12ce0ce25", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c7c525e4-cfd2-5983-99c3-e2ff3fba12e6", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ed3617a2-a5fd-5ff6-a49d-2ecee0a9b302", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3c1c493b-b3e3-5396-8c38-f1ec94d3e1b1", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:93c82e07-3090-5cc1-9248-134625935e5b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f7f5e89b-0b61-59c5-9cce-e13c5671cdca", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a28df76a-fd94-57af-bc84-876fe488a55b", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4ba39ef0-63be-594c-8f5f-284a081524ef", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a3dae03-04c9-55d4-83d7-f205488b0e7c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a5ad0524-c2a4-5c52-b608-1345b15821d5", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ab0e5c8d-6b0a-53cd-8b58-68d30c0562f7", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cbb601dd-eb31-5339-a470-552a99505ff2", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff32fd53-0d2d-50ec-a88b-73b2a791e0ce", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77462c08-faa2-5983-94d7-a6fe7922e752", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9f89ed68-4469-57c9-97f5-0fd27066860c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b764e25-4c84-50de-85ee-e8fbf100e108", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c8d7a542-6f54-58a9-a4ba-9c9799ab539b", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:705b0d65-760d-50b9-9e20-8d914202f945", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb8e29b6-50ae-58d9-a599-b59f3ca4c855", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9c72255f-7e7f-50d4-b695-710f9bce8a94", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:22795ee7-3d34-5673-8cca-df35dd8ea54e", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db313ec5-ce0f-532e-a75c-6ffc6f593eb9", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2fc1ae57-aabc-5b2e-aeb2-e6589064d6bf", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-bom 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cdd689d7-67b5-509e-8aeb-e826f0de0580", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b54e046b-26da-5399-9fe4-a00233551060", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-bom 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e9b84b60-15a0-5e3c-b5b4-d0f40045e776", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b8f72fa-78ba-5ddb-9b39-d7f6c4d7d4dd", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-bom 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c033c7f1-2747-5fdd-8fde-bc82baed909f", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5f2ed559-4bea-5652-baf6-900073e0bc27", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.3" } ] }