{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dafc1bb1-1dbd-50d4-922e-6bed2f46122b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-bom", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bac84126-bca9-5584-b7f5-72f0cb30f19b", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:99fbc7d1-9967-5286-b098-17c125f86cf0", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f2db8f3c-40a1-558a-886d-be8d5ce89b85", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e1ecd107-f5ea-5a0c-82d1-1e3dba44fa53", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a168b865-bd49-5f67-b030-dd75d76fd76f", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:95292f42-9b32-5a5e-8238-47666bb6a9a4", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:02cd056f-4d6d-556b-b7a8-1149532fc3c5", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:356c6070-803d-53c6-9fb2-d7e4bb0339a7", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5353d312-ab0f-5640-922d-5c19dd5d73eb", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:824c5a96-0dc6-503f-b030-104d2d5c5106", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2caa4ec9-3b88-5ee7-a7f8-178633c940fe", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c539ab76-2be8-56c2-95d9-a86f9600d791", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aa89315f-2550-559b-b12b-8894c9947786", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4dfb8c17-03db-584f-9a37-273d6ae58b1d", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80169802-7c8e-5a7e-8321-fe8aae6a2c77", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb7befe4-3654-52f1-a0f5-249110140342", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9aa280b1-5936-5ddf-9a21-f1c1e87091b9", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-bom 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a853de7-599d-5a54-a3d1-1909927c7e6c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a642897c-68bc-59e0-924f-b52a9866b10c", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af1801f5-4d6a-5769-8717-cd5ce1f3bd2c", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:00ec53b1-7ee9-5042-9b86-3c968cbc17eb", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cd56cd35-4284-57e1-9a8f-7f97fe87e287", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd8872f7-ee76-5e11-9c0c-255085d5e6c6", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:03f04e6d-1a3b-5e23-85ec-53c52445a8ff", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6de8775e-64d5-5244-9480-0d9aded2040a", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0469dab-1d48-56ba-b0d0-9880ff3ad8d4", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-bom 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7352e123-0940-5531-abfa-633cc76c5507", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37b65f97-f660-560b-a9d3-4f10003ba07c", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0768a052-78da-5510-8ffd-dd68052c3817", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d158228-0607-5153-a215-2dfc841f3e50", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-bom 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a3065d9-ab14-5548-8729-48a3a06ec4d7", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:befcd42a-15c8-51d0-bfe3-9ffb914376b3", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:05df4ba4-56c9-5427-bd3d-f5f60229768c", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:35c861ab-8de5-5113-86da-8e49b20b61b6", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.3" } ] }