{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ed378206-b717-51c0-ae9f-1b3ca3052e23", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-bundle-compatible", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:97b88aff-fea4-54d7-aa21-a086459659b7", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49b816fa-b824-545e-9f2d-784fb580a3a9", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55afbf1c-43b6-5ca0-b180-7db6ea95c58b", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f14459ba-3405-535c-bef7-e3680daad2f8", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6dd1e39-0304-525f-88e7-654debb7fcc7", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b894ba4-192b-54a5-b73c-3ddbcb94ab61", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f086a61b-e2a1-5f0d-965f-727583ea6f9b", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e4acdae-e4b7-5c79-8ae9-748a7e5cf1dd", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c101f96-c98b-5553-89e5-15d0121a52e8", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3fb5e977-c1b2-5ae4-935f-b60916c80d3d", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e36b4550-8304-54fe-9916-5aa29c3d8454", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:57d99d58-c171-53f3-ab3d-40ff126f68e8", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0a7e6e5-94dc-502a-80a5-ee07dbaa1102", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea774dc0-5116-539f-a38f-f2d154a03069", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2c057bc6-0ee7-5c8d-ae2e-2af3ac3b6dd4", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79b0a4dc-f2eb-5c34-a248-63766d3f0d88", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e6779216-416c-5b54-9089-9667694847c7", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-bundle-compatible 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:056a3fed-e9ad-5be2-82ff-dd414247f05c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ddeed5b6-1668-55cf-8c79-544b15e98f79", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aa929139-7c2a-5a34-9385-dd0875449488", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70e436a2-6b03-5f92-95ec-746b609c5e2a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:166318d8-5bc7-56f3-b9b1-a3d5aa9f265e", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d4d93f6-f96a-53ac-bd72-f3bfe96c186b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9093a848-cf52-5546-99ee-42719e195b74", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5d298e32-32d8-573f-b39b-58d5f631115b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:562c25fb-504a-5d9f-a689-d455ae7c69fc", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-bundle-compatible 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:250a5ea6-26d7-549e-bcee-b3673423d835", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:391a3fae-8004-5288-bbad-77ecb41147df", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d034654-c3c5-5485-9bde-cf73762582c8", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0053467f-d28f-5877-b010-fc4afb7ca841", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-bundle-compatible 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ab067be-c870-5191-96b1-d2fb4cd8fb3c", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e392780e-e9f9-5c51-98ee-d84ac3243679", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a058187d-9deb-52ad-8bbb-1d770372f2e7", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:db1a609c-01e1-50fc-8bfd-548782eec6ec", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-bundle-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-compatible@3.5.9.tuxcare.1" } ] }