{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:aa8daba2-4533-536e-8435-9147df4788eb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-bundle-compatible", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5b23283b-6b6a-5ed8-be53-5cf1671b9c2b", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:19ed8cfb-1f3e-5292-b845-7d03e4b44262", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9f98f1b3-3dfd-5f73-8e95-5f642c6b5a33", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:69eeda6d-9577-5484-b960-1fe6508cfe6b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:816439b6-ebfe-5380-9430-7ad024f96230", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b21fc082-323c-58ea-abe8-54a5189aba60", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1d144521-81db-50d9-b682-059ce1da9453", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c6b47935-6d52-57da-aa54-dfa05fcb1d4c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ae257170-4e9d-5000-bba5-dc3930019d6f", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0fd3c635-296b-57b9-acb6-b1df665fec14", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:20d73f0f-1668-5759-b72b-94320c409009", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:50ff3d43-3068-5745-a677-09064d1ef299", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:85f3935c-0e0a-53ae-9aa6-4b9eddbb4796", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:138ecdf7-585e-5191-bcf1-6e53dba6e3f3", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9d00a512-d580-5d3f-9c15-c339e50635a9", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8472e1cb-d90d-5d58-ba95-679c5bb962b0", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a4da25f3-7f25-5d6b-aba6-22cb415d696d", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f84cedc7-1720-5ede-9009-375f4318af1f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:355d282e-cbdc-58e9-9d8f-55ad92784d3a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f2d3cfc0-af8b-5ad4-ae2e-d09a3b0ef3cc", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c66870c7-17dc-5905-91f6-78984ac441e3", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9893286f-3e2a-58e6-a075-95d1543a3fa8", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:69c01a4c-5679-5203-9ec9-231fb54b465f", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2a67e2e4-0835-5e7a-ba2c-203da5e2ae9b", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:754825c7-3d87-5ddd-a281-01372fabd45b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d2268f50-d90f-5ffc-ad30-08f8c8543f12", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-bundle-compatible 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:98c10536-95f9-535f-92d0-dcbc52c2d280", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0c6a3783-4508-574f-821f-46b819adf771", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-bundle-compatible 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5727be5e-b752-5fb0-8624-3088910e2dea", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:45e884e7-b2e4-5c6e-8b21-ac375a7f23e2", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-bundle-compatible 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:20d706fd-2a98-5cd9-ab30-468a4e0c2aa5", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:80ae1573-6909-5ad2-84e4-8a75005d273b", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.11-tuxcare.5" } ] }