{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:383859bf-c96f-5574-a89f-1ad20f54260b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-codegen-plugin", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:40ef33a8-a1cc-593a-8b84-eef65b2ccc8f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd2c4c03-344a-5f3f-83eb-da0a4eee99f4", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db2538ba-6830-5e8e-8d9d-83b6e5201853", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:397dfe22-c27b-5392-970b-044ffd598bce", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ae82bc1-acb4-5242-b640-054560c474e3", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55269c7e-eba8-594c-837c-ca35e33e5c98", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:03eaa037-983a-5928-9c5d-990086cf2b33", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f3154b9-1185-5971-88a7-883dd864aa9a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1266cf32-8b2c-5b1d-85d4-84a36322d241", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:060a3c45-e4b0-5d26-9de7-d1b9b1837bc3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dbffc2ca-cc33-5e48-8a13-b913a538d7bf", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4d68915-4e7a-5d38-806c-96da29a38731", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6a74f8c-27dd-553f-b370-3530bde7b6da", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a6ac3fd-98d9-5ada-a243-40e993a36f1f", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b14cf30-05f0-57d0-ad42-2302d1a416d7", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f006db3-264d-57a3-8dac-8b48ba445f90", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b63e99f-0640-50a7-ab1d-bca329fd8164", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-codegen-plugin 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ff56bd0-a866-5c1a-9a2d-19df17ba73ca", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b926b0d-e6ec-578f-82c6-cde1300a4c1a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84a32a08-d1e5-5727-96f6-42658afb9492", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb7a83e8-f557-5ac6-a273-3a19449fffee", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ce6e040-497f-593f-9df1-ca9569d9fd12", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dae31836-68cb-5635-bf9e-9dff940c798c", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d184d73-f22d-500a-9705-33b5fa777014", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cfba00a-eaf4-57c2-82ca-298d42b850ac", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb3d144b-7a21-59ac-9669-ccb32aaa5985", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-codegen-plugin 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd5f45d3-5c49-577c-94e6-c24f91630c4d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cfe06fa7-9c80-57e7-8ce7-c03cefbd2cf7", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f9a6841-f573-53f1-ac58-861bc5da8c4a", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7202141a-57ef-51aa-991a-b41918ce3199", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-codegen-plugin 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a6b3134-ad93-50fd-9076-bacf058eefa3", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:450e959d-3117-5e93-85c0-f9b83381e07e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a50794cf-dbaa-512e-bde3-f0baf9dd9c7e", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6218f82-7478-56f0-8b44-2f246d08f5f3", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-codegen-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-codegen-plugin@3.5.9-tuxcare.2" } ] }