{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:48bc9474-adad-540e-b277-ad446e313fbb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-core", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6d9605f4-d735-57d9-ba0f-005ef491ac3d", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:39b4aa33-cbcb-5d08-8cf3-e1ae44fd8e6f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c66a8923-d23c-5cad-a5d2-a30daeb33bf6", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:93bb57dd-e971-5219-9e3c-0f4ef33122b1", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dac9a078-d268-5df6-b47c-55c0f2b0ee61", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a36b5623-04c2-5047-9012-a11eea94395b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f4445c11-5f03-53ce-9cb4-e2418ea0c887", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:63589d05-1f42-5dbc-9c8e-3d370796cc1d", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bee9f14c-3962-5b90-8a3a-1dd810a76416", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:97ef29b4-cc7f-54d6-96bb-6df918b64865", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:db8ab4d9-72db-5f08-9287-4b0eae139f7b", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8daa70c1-4142-508b-bb7e-9f8552f7aac2", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3d01acd0-d212-51e0-9d1e-392ff0afa0ce", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d3f5d04-acdc-58e5-9a96-4bc109e2738b", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6af6b859-61f0-5505-8fea-6d8531d3e32b", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:02b294f8-1dfa-5b9a-8b53-ee77bfb6fad4", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f77c4814-10b6-579e-82b6-daa326a38514", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eb039cbb-a149-5fde-b028-f98cfd2e4039", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8c5d4d70-7cc6-58f0-b06f-7e42b0666a08", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8b23da65-aceb-5cb4-8889-31375766edc7", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:05881e9c-b51d-59cc-b464-55a3c69b64d2", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f17b45db-4ddb-5834-a72a-0e16f5bc94c2", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a3a0a00-10d9-523f-990e-bd9b8df4a75f", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ad619941-d03b-5f35-b81d-83db1e23efe0", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d4293a15-40b6-54c8-abb7-0770504f82b6", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:63025751-a48b-58c3-9144-6230a35c38bf", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-core 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0af7754f-0b44-55da-aef9-b7fafc7f78a8", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e6a8eea-64b9-5451-bc0b-5e68e7fc4826", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-core 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef5c8c2b-1492-575a-9751-977ea3074fa8", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:da5e24ae-50cd-5b11-a213-e1321f33c59d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-core 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:713dd69b-7330-5f54-afff-fc6b13cf8483", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c1d1bcc8-0a6b-5210-87ab-0cc303dcdab0", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.4" } ] }