{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dc2122ba-78ad-5108-8ee9-08f15fb5de6c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-bundle-parent", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bbc85703-d16a-5eed-a621-e734e8710731", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c3894b85-0653-5ba9-92cc-9b0852dab44e", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df3d1589-9ef6-58cb-b943-89c5b087c214", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a9a49a04-46c2-54fb-89a5-23d8531a1cad", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6279d44c-b1ae-5f39-8632-25483a32b354", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:562449db-3672-52c8-a43d-7eb9772175b1", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:75eb4f2d-f5e1-513c-8f5b-0d809200780d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:94151d1c-8943-549a-a5ea-4ab9c261f10d", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5f618d54-e9f1-5887-aa26-e0fd9e42b417", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0bd940fd-6ee4-5613-b7c1-1984b230109e", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef5580b8-e040-5cf3-ad6f-ebfec4dfd378", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2d846925-056d-509c-8d1b-cc17709e0122", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6fe9c982-eee4-51ae-94f5-29d4254780fb", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:79e14d67-3c5b-5a23-9065-00b4f9ace32c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c8241fb-8edc-50f5-85c8-6592c24645fa", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:123657e5-5930-5254-a3a0-7c3a69373b07", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ad0f3724-a0a6-51a2-bf56-961170edefbd", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a20635ab-ea32-5ee1-8223-d2311418de85", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0b11a54-a59f-58dc-923d-a053d40c43fe", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:716dae6c-3509-5c4f-886d-797768feee93", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:41eb5792-6b2f-5076-a9bb-320cadc6d756", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:51aad030-c417-566b-a8e6-79a9d753d390", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f16874bf-16b1-57c1-a1ae-704c872f4619", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4de37185-98d4-59aa-bcb7-61ed78f44f33", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b8d20947-562f-55a4-8ca0-127df73ac9c8", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d7fc0f5d-fcea-5bd8-8ee8-930d91aa32a1", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-bundle-parent 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7c3d27c3-7645-5788-8ff4-583be80ac018", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ddca692a-aa5e-52fb-a229-89cbb0d7d0be", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-bundle-parent 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6ed04f48-08e0-50a7-84c9-599e821abcc7", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:31567cd9-83c5-5310-ab5c-f9d8af8102e5", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-bundle-parent 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d10bc01a-763a-586b-8b11-2d09ba10bc64", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:15704c46-141b-5cc0-a9ea-702201fbd508", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.4" } ] }