{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:311501d1-13d7-527d-a4f5-f4391e46d303", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6", "type": "library", "group": "org.apache.cxf", "name": "cxf-bom", "version": "3.5.11-tuxcare.6", "purl": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:041c88cd-5a93-5605-9333-285ce6a0a30a", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f557d2d8-3b95-52de-8b40-4b5bb4c26342", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a986e18b-7cf5-5e37-b912-f1192b8a9d92", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a0830054-2252-5164-9c05-a1122fc862bf", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:809a2352-12fa-5138-9513-6bb24e5af734", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9b1d51b6-35b4-5e4d-a305-bd2da2f06414", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ad40d13b-fc8a-5e31-ba7c-28bf1e7efe0d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1e80e8f0-9e22-5aa7-90a2-6335efea2b68", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2d8fc29d-ddac-53e0-92bc-937dac189c8f", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1ffeb8eb-da05-5c48-a261-faebb0f5fb05", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e1f51fda-26f4-5554-980a-957f814d4f97", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1f21e3cb-b32a-5eb2-9ef4-fd3bbee9f1e7", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:91990895-7258-55d8-82fc-1b49e4c258f4", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:34c9ea9a-2131-55e9-93f6-b925a9b0acf2", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:abcda257-f0f9-5441-990b-f9db024f0b2c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f6de19c7-c5a5-595e-8167-78f7fdd606eb", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c43ff53e-af63-53a6-8640-61910f0b6ed7", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2ca17302-54af-5cee-ba28-467222d3c91f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:698a1c57-3eb4-53fb-9322-a012164c20fe", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b441e641-0650-53a0-b0df-297114bb31d7", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6e063199-d573-5e54-81ad-27188e7165e3", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:40774f9f-bb1b-5d32-b3d6-6b430dd41984", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5728213a-4405-500f-b3e6-133e80b60d19", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:18b6a701-0d29-5e85-a839-abba252878ce", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4b6a369f-44c9-5e66-aa9f-0c7509c5f235", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c68f6b90-8b5c-5fdc-99df-0e59a90d6e4c", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-bom 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:24fb1187-ad8d-559e-9c04-f24bc8ffdf7d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9574ebfd-5138-5c19-a118-9f6c7c1986fe", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-bom 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2e55ec6a-97ea-542b-900d-3f66a659af5e", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:68789de3-5aab-587c-9d4a-c791811d1da6", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-bom 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d297fcff-a84c-52cc-a912-69324327f4f7", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6b1cfa5d-b92c-5030-9cd9-59dc19ea18f6", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.6" } ] }