{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d6e96bb0-098c-507b-83a9-d51be03e3086", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6", "type": "library", "group": "org.apache.cxf", "name": "cxf-bundle-parent", "version": "3.5.11-tuxcare.6", "purl": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:959d7c9a-a0b8-5001-86e2-f7a5b7741a87", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4176bc83-ee41-580f-8766-5f542ebb6d73", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:fde24c21-843b-5c94-9926-9ab7c6cee1f6", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:63d3e410-2f77-5701-9b65-4e4f1b976836", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bb46b14b-a63a-5188-80a2-d544591e920f", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:82dabbb1-f3e6-56ce-9771-ae6e6dba03f7", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3ce889b6-d93d-56df-8647-bd63e28597ed", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:24201869-a8cd-563d-bdc5-f6b856852f92", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b59d4941-9d99-54e9-a368-bfbb9d1f6800", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a789d475-f922-50db-a7a7-20a4d7c1e91b", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:17f2232e-c94b-5d67-8eaa-d35af8f07aa5", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:faba3d8e-4d8a-53d8-a3f3-20cb69c9e3a6", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:07b0612e-3e2c-5384-9f40-11821e5ad5b6", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:aa82938d-a0e4-53af-b6c2-0abd4303b5f9", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0c1a6386-7f3b-56ce-b0f6-f9a7b3fe0e85", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8bea5d36-f0d6-5270-90fb-adcb780f3c3e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d2c6929b-34fb-577a-ba20-01704f9cdfc0", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1e353263-6df5-59dd-9d46-09f4ecb4c131", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bcf0ea02-5629-5d55-af83-75968ba4e918", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:63aca9f6-24e2-55bb-9c02-99419dc446e1", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:06650faf-d565-5570-aefa-19aba032b836", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f073b466-eca6-59f0-b660-c998b4ca8cb3", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1327044f-92e4-545e-9f61-0e47bfb42e80", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d40f8c81-6c4e-5181-9d59-e87cd82ab786", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ccbdfa5d-fe84-5988-80ae-ee93fb8b7726", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d56a7f48-2e30-5d77-b795-ed49de2fdea8", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-bundle-parent 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:785d0f2f-4cc9-5519-a7c4-65aee8b21fb3", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4167e989-f549-5f75-be0e-4a6bdd211a65", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-bundle-parent 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7532fdb2-7a1d-53e9-9aaf-5bb2e7607cf2", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c116134d-dcce-5f3b-9a99-532b8d085eea", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-bundle-parent 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:509582cd-e44c-5715-830a-950cb0cb34a4", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7496abde-d5e6-56ce-817b-d9ebd00da276", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.11-tuxcare.6" } ] }