{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0ffc678e-5af6-589c-ac69-a22ad1f1f91f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-corbatools-maven-plugin", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3fd78b0d-485f-5f49-b6cb-bd6cf3cac50c", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:befe5f4b-bbdb-5b97-9d2b-3d10bb9e2169", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7615b924-ccea-56ff-a7cc-59add1cabcbd", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ae3a9b9-f0d4-576d-a8c5-c4d22717da35", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a394d805-ad6a-591a-a5b3-04e2215fcd75", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:39780d92-7b9b-54b0-8bfa-24974dd9b45e", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2971d4d9-5b68-58cf-8942-e2b85e5ca024", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7edb237f-c6b9-59b6-977b-e37c37bbda7f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:470da8ce-baba-52af-ac9d-4363478dd4f9", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cf8ee255-ffaa-598f-ab10-bcd57d875591", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:55b40ce6-65cb-5e4c-9082-02d7c0a32031", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:db57dd05-9ea9-5cc1-b2ea-5b6b31b793c1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0a4dc35b-98ce-5f3b-af1e-5d5436762165", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a07dbe2-4aa2-5d00-a012-793945267208", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b32d2ba2-e223-5602-b828-8ec07f935eb2", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bc92ffb2-9779-58bf-98fc-66229197d2a3", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ba94bc20-6bbc-5784-9c28-45fb3b940d9a", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-corbatools-maven-plugin 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:33d0d715-60ef-595c-9bf4-0ee11f836e9c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7533db5b-ab1f-5bba-b88d-3e1995dd7fc4", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0cc9cfb5-6218-5d33-8384-8f620a43de63", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:86bbbdc8-acc8-589c-b65a-9b3687a65c5c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0e8ec79b-3b9b-57c7-91f5-c90adcb1d326", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f435ab96-3fd2-5993-9b0c-2b056e57a46b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bcd15435-0693-5c22-a854-8f56b38a1deb", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3f686ff0-9791-51b4-a180-d79c7a4ea884", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d8377e3f-a063-5896-8b9f-0bdbb5d45ba4", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-corbatools-maven-plugin 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:23092bc3-b051-5e1d-abe8-48c00013c980", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f044c864-27b9-51d5-bb59-6e2eb39ba2ea", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:256d3d62-cbc9-5e7c-9296-c682c213977c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1e48abfd-6575-5a42-aa1e-e5560e718672", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-corbatools-maven-plugin 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2757e2f1-115e-52ae-9617-61b082f0f5d4", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f6aa503a-31cf-5ff6-8a66-b4a6b80992a9", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bd7c9385-0f51-5b09-8ebb-ababf6387fc4", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0a022dd1-d111-5e7d-ac7e-f927de418645", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.4" } ] }