{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1b59c178-7ee3-5ceb-8f27-defd933cd70e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-bom", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:07d295ea-7315-5885-964c-38086fd43ed4", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5dce4759-f6af-55c8-92a0-8406c33e998f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:47ffa916-2705-5445-9ff0-7ff2555a83cd", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:69d22a83-b13d-51d5-8644-0d1256ff414a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5a92cbfc-1da5-5994-a0e6-c7324a902d06", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:38efe65b-357d-5978-b836-d5cfa99044f3", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:44b5d2c0-3664-52db-9399-041734260a84", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:099c515e-34b2-5256-9a3b-7c5d3fa03f5e", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8422f60a-9662-521b-8438-c295df907779", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8a26ad31-55f2-5da1-8307-ab822e99adcc", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ecb4f9aa-b9c8-5061-b6df-bb355ced2e19", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:61290518-7d6b-54c7-bd1a-e1460e7f29ab", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b035e28d-be45-5722-b839-652045c8b8f4", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1e0010b2-ce71-5f8f-8cef-573c0d63a554", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:71df0f9e-aefa-5357-aee2-4fb16da29e8a", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b8e363cb-e527-5aa8-a44a-1e3a1b46ffea", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:af3104fa-229d-5445-b466-34ce6748229f", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4d65e58e-80a6-5a88-8d5e-9e5370cf043a", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b934ff0-6c87-5b26-b4f5-00d8b004192b", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9445d3c5-3896-5d57-8066-057a33f85d67", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f940a407-8302-532f-bf95-4a6465dec9d6", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c6452be6-346d-5294-9958-56991edd8337", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:13cb0372-0552-575e-b457-1366c8a69e5e", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:949d1f42-8f19-54f7-a2b3-5eb0b7d308a3", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ce3bbbee-4c0e-5ba4-8667-3b28f9026eec", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3afaf99d-a69b-5a4d-a72e-9b72a8bb8a19", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-bom 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5cbddc31-2fa9-5191-97cf-000a3b615a0b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a1797f90-f81f-522c-9bee-611e3bc65bef", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-bom 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ad3e03f1-7807-597f-97d3-a2db87b15df3", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f58052bd-5afe-5702-bb29-54148c9fd673", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-bom 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9947599-205b-5f8b-81a9-02afacf7e64e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:90816ef6-b2a1-5399-b315-fe1af2e0c3aa", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.4" } ] }