{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0d8f19cc-024c-59bd-b424-c29e7ad93d12", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-bundle-parent", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9bdecf31-826a-50d8-a10e-f148973eff70", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ee4799e3-7dce-5fd4-8703-01d1c9408ca0", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cb76659d-7894-59be-9389-6993f04b13aa", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ddfe2bb5-2590-53a3-bf05-8d563bd4c108", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0dbd5221-0fbb-52dd-8b8b-b98b3bc61c86", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a791df5c-1e99-5c5f-a3b1-8cc22b9b335f", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3afacc5f-b320-5083-bbce-9df5ffd61a14", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5e364723-d3f8-5fdf-a98c-c9862d629075", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5461e25e-167a-532f-a370-8b51414a2092", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4c52bb68-acc3-5d31-a22e-7739ce150e2d", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c4fbba15-ae68-5bd8-a1cf-a05283c2a3dc", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3ef3ec3a-6608-5958-a201-0412865a60ef", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e786a612-9c40-5221-bd55-3969166f2c37", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d1bf830-9eac-5eb7-b722-f68374a64336", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cb63dd30-764c-5e66-aae1-0cc36dbd995d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3016e6a2-5ca6-5e72-ab86-ab57d9ac84ca", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce485e79-0f3b-56c0-8f3b-9973fb7b1f3d", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-bundle-parent 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0b87a4f-cedc-5dab-aa43-3cd8614acc15", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:245baf6f-5932-55b2-b173-a54446b2e474", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8702aaf3-e4d6-5e11-a1a6-7de400adca7b", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25b4a32a-0e3a-5d1b-b129-92e5570f4d38", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a62d7a41-8ba6-5d50-8913-2162eebe2e49", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:43a51596-cbfb-5118-ab01-0c0fd3770df2", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0ea3bbe-7460-5b90-9735-b0b7d3b180c2", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:52f04fd0-a85e-5ce0-9232-f63fccbd8ab5", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9741547a-8b17-5077-81ae-5fd047b1bd61", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-bundle-parent 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0ab075ff-2706-5249-ab45-f6b318b54180", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9c642482-4baf-5d46-b049-403a564005ac", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a02cab2-6e35-501c-b982-db42344a2bc2", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3796fcb1-7534-5547-837a-680708adb912", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-bundle-parent 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:539e2931-7253-5ab4-be22-175f4cc2d301", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9393a555-f748-5ac1-86b4-202c6fc57ccd", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d11b5c9c-4539-5b65-9eeb-3dd10554a313", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c3ea4bf-8426-5db8-b6cb-7be1372dbddf", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-bundle-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bundle-parent@3.5.9-tuxcare.3" } ] }