{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fe2e330b-ec20-5a70-ad05-f19275a903eb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-bundle-compatible", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:98a48874-594f-5160-8b0e-297a28ed21fa", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ffb93c8a-38bc-5978-875a-56aa5e0e26b8", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0529ca4e-0c34-53ec-a5b1-30edfbb17ef1", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8a9b9885-9da6-5548-9ce2-607713528cac", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4d6b3325-7589-5c93-aed3-a44d2193ff8a", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06913641-5bbc-51e1-aca0-091b28fccfa9", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ca37d352-5ccd-50ca-a8fd-32b5238b3b73", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f37e3a8a-1fc3-5003-ad03-c19edbc708f5", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e6310e7e-2afa-55a0-99bf-0000cec2f5d4", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d07ef969-d9cd-5ec6-8325-87137ef87c02", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:87dcb4d4-d3d0-54b1-84ca-00c3bd0b832d", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:97c8b3f1-fbe6-51f3-9934-adb80513d009", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ce591e8d-78df-5248-9de5-13cc9e8d916d", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:20f38efb-2d69-58a5-b107-4c144135a7c4", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6c76e527-988b-5fa2-bd99-406a67f5a844", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f786adcf-c706-5b34-9c50-8f5a86e6ce3a", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:95fdbeaa-ad19-5297-9505-6a343b5d350d", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b829d7be-4b2e-5a7b-9d7b-85b548556670", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9345a214-0154-51b6-872c-9e6601731576", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:517b069e-d478-5926-8840-f8f6a4d0acf4", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fc3b3c71-304f-5bae-954a-cf8399b4389c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:239e7bbc-22c7-523f-aa74-80d6305d212b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7d28ce3a-2211-5041-aa26-89cc2462725d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:85b48a39-a6e9-582a-9163-7e557ea19051", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:02ac2b60-6909-589e-b4e5-f53dd25cc5f2", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:96e83e08-8cb6-5791-8158-be7b43f0441e", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-bundle-compatible 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:816cb100-015c-5bf2-8816-f1e12ae1cf27", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dfd19dde-b7ab-51c9-b8de-56bb19987b78", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-bundle-compatible 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c06daceb-38bb-5796-89cd-297fa61f2110", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:08a98929-ff19-5846-b78f-47d373ba6c3f", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-bundle-compatible 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:36ccf8b2-55bb-5e2b-8b8d-4a44c55c319d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed13d977-f9da-5cff-9c8f-6d3e3e74637c", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.4" } ] }