{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dc35b009-6057-529a-8396-339a33c011bf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-corbatools-maven-plugin", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2df596cd-b0d8-5c36-8c1b-5733191debf1", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37fd6445-6399-5530-8fcb-6e9b5866e03a", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:477d9e6a-6e60-5589-a1a3-8f39fc85b974", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:10ba6587-b881-520e-92ec-7105c910633a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:444f888b-5257-5304-a76b-e81cfd34166c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:491fa679-93d8-5579-89b4-a1ecaa091fea", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44de1355-b1cf-5571-8073-55e160fa8406", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:173bea69-d1ab-5b4e-a721-9789a60ce8a3", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:abbfd8cc-485f-5b53-b567-3aa144805c23", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26d85697-be5c-582c-9ca5-af12287a11d8", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c04f0ee0-4f1e-5ad4-9120-f3efe353b132", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bdbbb522-21c1-5c40-ad54-71e5c432acbc", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ce7cc56-7966-51c1-a069-ed2e2b6917db", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cfa81554-0681-5418-b51b-c2e80c77a188", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83479cba-9ef8-5dc3-8926-64db5b81bcdc", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ad321df-7043-5051-80de-1056be246ab0", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14a818c2-b3f9-5b97-8b1a-328fb1fe82fe", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-corbatools-maven-plugin 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ea0cd72-ca66-5d86-9651-0d167ebc765a", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f70219c-693a-5de3-a18b-1e92c2654b1e", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:574a7e9a-bc87-5a7e-b0c3-e20e025526bb", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b2d8c21-ed54-51bd-a358-5cf052bbef90", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6674fea-8e1f-56d1-8193-da237a2ce5b9", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f57b3946-fd42-5b3d-9b27-984a5db5d416", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6a74bc27-bae3-538f-bae6-466993f4ed2b", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96c5b772-2d72-5c04-aad1-8225a2739f49", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05e7bab4-2a5d-57b3-b57d-99e56814f424", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-corbatools-maven-plugin 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9bb1ade2-45a8-5191-96e7-353c67570ee1", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e52a33d0-d345-5a04-bf0b-f8b519993cb3", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47519e14-219d-5ea5-832d-c3c1e17c353d", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c790b1e-ae43-554a-b6e3-dac5a0be0d1e", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-corbatools-maven-plugin 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cd8a3ed-10ee-5165-ab8c-9a53248863e3", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:009549ca-56a3-503f-ad3a-bfa9f2baab30", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f9660e8-2ef9-5327-8e56-174836516a70", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8d9748b2-1ca9-5c62-9079-a6ad11b44052", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.2" } ] }