{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dabb10b5-d403-58d4-858e-f73644a259dc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-bundle-compatible", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:09e0d298-fa3e-5de1-92ac-990190c13614", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:300dbae1-6246-5e60-a06e-470a0c9979e7", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:16f24bdb-c808-5c28-b942-29f30f987c94", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0c9e046-08de-55d0-9e8f-1a218566bfbb", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7da21d7a-6fa3-547b-9f27-99b18733b719", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:42c12b8c-cc63-5739-b450-0189fbd4b190", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ab4f64e-e3cc-5bf0-91fb-7633c558465d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a145526c-1b16-5bcc-9110-554c178b4d44", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d096523-fcf1-552a-bc37-b30eb4444b05", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8955eaa-95c0-5ab1-a71e-4b53e7524ef6", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c9d0ebf-5af3-529b-864a-cb88e4c212c4", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:33b12000-e79a-54dd-8a3c-b4b1181c0ea2", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:731f642d-732d-55ed-95bb-6cb8fcb1aaca", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72c7d5ce-1d2b-5aeb-8eff-fc00244552f6", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b8e6aa8d-4b1a-5b9e-8b95-368961ae9b6d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a5108796-d9a0-5f80-aa0b-29b7906f1447", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3df1c2ff-408f-5ab1-9a15-9ee6a31d873b", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d9ca0db1-6da1-535d-866c-60a849d915ea", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:566d2e91-1444-579c-a990-61b6bf967905", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1fdec9c0-db21-5948-bda6-346da3a0bcba", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd9055e4-0521-5b21-99d4-32a8b2618aec", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:519a4c12-df5b-5196-abdb-f9f54e3d2670", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36db68b3-45ff-5b80-8e7c-d13af019b6df", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d097dc86-3b80-5c3e-8b6f-c807c3baf9e5", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6452b7d8-90fb-5be3-8e3a-4e3401813dce", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b58d7453-0449-5436-a1bc-0ac9e0befcd4", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-bundle-compatible 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c940ae3-2eb2-5dc9-a8f5-150456c36af9", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:697e5ab4-af76-5bf9-b5cf-098fa746aeff", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-bundle-compatible 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:119af7eb-f354-5a8f-8e4f-7e50d3dcffd0", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2cf78648-af8c-5036-ab17-65a570a7ae70", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-bundle-compatible 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0af38dff-1149-50ec-90ef-0f271c3bc91e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e96cf7e6-acbd-5a58-91c0-a411ccb2a19e", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.3" } ] }