{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3e97cc89-86b7-5f26-b540-79af744a75b2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-bundle-compatible", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:34da0428-78cd-53d9-9c06-33b9d215c066", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9cb97555-3a87-5d06-bc89-5fbabd171177", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1f2a2d6b-f3bc-58bb-9e35-27adc03ef787", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1806b49b-af6d-527c-bc66-36b2ff17a1f0", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:080e505a-740c-51a8-a0a1-cd89651059e3", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e032ffd3-134d-508c-8478-1b8736620e08", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7a9ff5fb-3a94-5c1a-8ee1-c63fe498816d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77eb2ceb-9bc0-5d07-9955-6c2156dde6b5", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0ee065af-1456-5b43-8940-25b099c2f113", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d17d371c-9b2a-5c96-843d-d5b162255b3a", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bc6f73a3-4110-5946-a175-32f0d434d1b4", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b2e9df68-c488-5c34-83d0-d5af17512106", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a88caed-a982-5454-a94c-3d4934d778c6", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:55788dc8-fc4c-5bd2-bc4c-a7f68a44e09e", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5722f38c-0570-5a0d-8957-7edd6face779", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4471de4f-c94d-578d-b642-d46a5080e16e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cbb96b53-665d-5686-b5c2-74f52962cf22", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-bundle-compatible 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c42bdd9-253f-577b-8640-e5d229df3801", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:636f8c53-edd1-5228-b46d-7a461769148f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:02e78cb5-384c-5c0d-bc75-876ce2b97358", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0063002a-65a4-5801-b306-be03aa8ee39e", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bab7f08e-6681-5c0b-a299-b328f3481016", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b3364078-95ca-57ae-8fef-e4898eefc780", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd134a12-6cf4-58e1-a324-a9ebae6fc8c2", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cf7bf2d8-3d9e-5b8b-b96a-6181df4f7085", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0bb4f6d7-855b-5ffc-8a45-090b529ba4c3", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-bundle-compatible 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78fdb264-924b-58ee-95ff-4ee3f8f39ad8", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d9ca5323-75bf-556b-9ea8-cc9121d8b01d", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b70bc68-1506-5697-9e5c-863aa3ced7ab", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36d6af97-b722-5618-b0df-69590e57d565", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-bundle-compatible 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f15898fa-5395-5fd8-8400-4e1865aa5479", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c86b0ff9-c3dd-59e0-9188-85036b9b16b3", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:da0ed9e3-8000-59ca-b4ee-cec0a1fdea15", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac5fabc0-91e6-5822-8c61-21c467953a2a", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9-tuxcare.3" } ] }