{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4d82fe08-c0be-568f-8354-6e62d1d36baf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-bom", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7419b97f-f342-5d43-b2ec-94a9d55c2722", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:161e1658-6aa5-51c1-bb22-99ff0af1e4ad", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4bd22219-2f3a-53ae-9a1a-6b70883d1e5a", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f68fa872-7cbf-579d-aa37-e8854ec1a5be", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8e5a77ee-7b10-5a4f-bbba-90a04ba9c8bb", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c67000f3-2e3d-5410-997c-40ad2035a90a", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:482b5646-3771-575a-ace5-bcf6de08f517", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ab0665e6-8e4d-543a-90b9-1cb04aefe100", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7bfc095e-b587-581a-9f15-b5b544a5e3e7", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:177efd27-ebaa-5491-8cdd-45258776c4e8", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:745e10f0-1334-50e7-b17e-259ae3a72436", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5b75d301-0d6c-5bd3-a330-29fcf91d05d0", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:70a428bb-3179-5481-9498-d9118a0697a0", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:86b34f43-2ccf-557b-add0-7fe7fa0a97ae", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2223393a-53d1-59fc-90d9-cd336e2c75d2", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b261cacf-7c2e-5395-9ecc-e2185882530d", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a593365d-8604-5194-9739-bff2650d531c", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e9612a97-248f-5d43-abc5-3bd36ed4342b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bad0cff9-0bd4-5c62-a518-1914dfe2dbe8", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:848bf5a2-2ac7-5e81-9f4a-5ce653c0c145", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:483d9385-215d-5590-a291-d565f9cb388c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ee33c181-f4a0-5b15-957a-6a88e6872ec8", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6bba6994-7864-531f-9f2d-7567ea61174f", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e7e7674c-be2d-5d4c-b3a2-9341949f0c96", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7af04d93-867d-5916-9e02-3abcd2733470", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3c816670-66ff-5739-b010-2870666005e6", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-bom 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f99b9ac8-aa09-553e-ad7c-58db37618ac7", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b4a260ec-cbd9-557c-9ce3-0eab996c7311", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-bom 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5d04e974-7953-578a-b20a-8cac83009b50", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f0705082-224d-5bac-bd21-0f3d2b2710be", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-bom 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b930f0d4-1934-5a84-8d07-9eb64724b720", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:39161cf5-9f47-5832-816f-3e09710a5f14", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.5" } ] }