{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:32f40d7f-3e15-557b-911e-18de1cf2f1ea", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-bom", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e8d5ef5d-70b7-5e07-b85b-db194b45ea84", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:97c4ff98-f933-5edb-ac08-2566283ec9d2", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ec060457-9510-5561-8bc3-9bb2d2f6df7f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0cbc54b6-7f63-53ca-b933-027eba4972a4", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac78203e-8f95-5cc2-bb9c-093ea9315f55", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8f3b4d99-fd1f-51d7-8376-20491566159c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5b3b1ee1-c9a5-587b-bff8-62acb7280444", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:39a2358f-9251-5995-bd41-47546ba76aea", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f95c89b3-ce58-5b68-8931-cefd9120286d", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b3356354-53bf-5796-8f02-97a071c9fa14", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0be6bfce-391a-51b3-9475-f8cd8bb0454a", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:19b7f990-1ffa-5843-a324-3428538a9674", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df778afb-7e45-57a7-b5c9-c0ce66b64335", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1dbf9039-c6bb-5402-8b73-82f019429f95", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:de5a4571-131d-51bc-8a14-7feea0a60291", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:066d466c-21ea-5a4b-9e39-74a8458158a5", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e86ee4a1-6d11-5044-9586-0bbd09b45785", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-bom 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ffd849f6-5662-5295-9fe3-153d85f5aa2d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8fafacd2-e56e-55d8-a2ad-754510106a74", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2c435bd3-9ca9-5408-9612-086545f0d139", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4a8d0f3f-ca43-5969-ade6-84bcb6a0e041", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:546b0575-4b14-5397-98a2-334272833496", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:44ec054e-f340-59d5-ab21-5a71b1d3b2f3", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2bfdfdec-4818-5537-b36d-3bb83e55c275", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b0827bb-7196-52c7-8fb9-88324cf6456a", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:67cd6fe7-e493-59a8-af3c-57de81d7d0b1", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-bom 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b617db3-423a-562e-928e-962869bc8f95", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bb38978f-b84a-5f6f-b38f-1a70deafc826", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:37627b7a-5234-5d8e-bce4-2299abf48e3c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b936983-9c6e-5985-82a4-fd7dd54a21fa", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-bom 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ae9d1d0a-faf1-5f2c-94a5-573fd52cbf7d", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9b3624df-5b5e-5a31-beee-170be6d0b7ee", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bc1de49f-db25-542b-916f-08f2271e5b00", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3c3d42e6-2072-5bd9-9051-eb2185612c23", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.4" } ] }