{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8f235792-6dcd-5bcc-85d8-66a7c2fe3c63", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-bundle-parent", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2aead4e8-c2a7-52da-b07f-f4456ffd4ed5", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d723aa59-1547-56ec-ad16-0d2d8c53aea0", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1228adbf-ef55-5109-a9bf-2ba4c183139e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c4f8268-c014-59b1-81fd-485851b30f73", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bbebb59b-b2d5-5558-a6e8-5ee345f338c6", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a7adead-4086-5630-b3d6-c921d4ea8241", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:14e8b68e-4beb-521d-9e0d-692c74be9ffb", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a3c34f57-e5bc-5279-9b68-de4520db7064", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3ae4307f-bd4a-56fb-91b8-666072c9f09b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4af7072-3162-53d1-8e15-820728244c55", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e9087e91-ab82-5e7d-ba6a-8f968e509053", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:15f54f4f-227a-5eaf-b54d-ef6fd7e4ab26", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a4eed0cd-11ea-5c8f-b4ff-ddbd19cf5801", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4b0c0ff-83f1-5174-b3d3-b7fe8fe983d7", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8db4a88e-fbe1-5818-b69c-4aa2cad8a264", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8f50c22-d2cb-507c-bc70-5aec8bc56d10", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:765afc76-2843-5510-97ab-62f55af46744", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4692ac3-2ec1-5729-b7fe-56956fb6b26d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:786b1b31-e1fa-5b8b-acd4-5f9d6ef6a664", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:abd7fb7c-7d38-5fca-8ec5-6ba0f91b2f41", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c23387ad-1dcb-5740-acfb-4b418faaa7b8", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:880170e3-bb9a-5587-b649-bb00ce22df71", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36227760-d2c2-55be-a569-c4594c1ea439", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:58338999-fede-5e77-ae63-2c15bcc26bdf", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a6f35f9-227d-5a3b-8e32-bd059505f06b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f531333b-a115-5174-a8f9-d74445935f10", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-bundle-parent 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:02059eb9-f2c8-5cee-a669-13fb80538901", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:014b22e2-16a4-55b6-a76a-13b17f7fcb43", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-bundle-parent 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f21aaa4b-76fb-542d-94c6-29d9ac328272", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:51136b3b-9c10-5285-9679-949c60373c26", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-bundle-parent 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a2362aa6-0df4-54a7-bb61-1a2ace1f5936", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f49b69b8-3adc-5b5f-8367-5b2ae162b63e", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.3" } ] }