{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4c3e0cb9-3fd5-5a58-b5d9-b76e3f9c0712", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-distribution-javadoc", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:99653e67-ccb8-5187-b2d0-b13cbfaf0e2c", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b90ee9a-3f57-596b-a31a-d6dfcdcba007", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c82e25b-8c5a-532b-ac5b-bb5c60f1d928", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:031c6bc9-65c4-5f28-a126-c9e6d1f11b81", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a9199f0-eb76-5dc7-8524-73d03bd7ec06", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79b0d5ac-d9ec-5e68-ad77-57976a87f686", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5fc1314a-d219-5900-a465-c311e79c109f", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f15d21b4-613d-507e-9814-10da4ff67e3e", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:167cfd8d-8f2d-556b-8d24-dc51e2375546", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5cc7a871-9312-5bec-bdd9-9428f3565ed3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fe2b0ed-f2dc-5c41-b2d0-9535e0123353", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d000d0f8-d458-5f46-9221-529f63df8eef", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1acbbd40-68aa-5ace-88c6-878059dd983f", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9456d34f-65e8-5dde-93ab-b8ed2df951fd", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:387b6b12-1cca-571a-8d8a-055a55e91b81", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5730176d-7440-5643-9993-1ba10298f099", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd711bfa-cf6f-524f-831d-6adec7d87fbc", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d70024a2-4017-5709-b737-7ad7bd8ef5f2", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78a13045-8e9d-5a2e-a0b4-99fe602764d3", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae760eec-f854-57e7-8507-93ef7026b955", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f958e8a-495d-51b3-93e8-1697d8db9495", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d10de1a6-a68d-5c95-9702-6d387f083e52", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:189ea9bd-0929-5bc4-8f4e-2dd493e372e5", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5a6ce0a-5d3a-5c18-90ad-473a207e86ae", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b6de8246-7c34-52f0-a539-878be97a8b27", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eabb6dbb-1d5a-5a26-99aa-cd0b8a22d2ff", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-distribution-javadoc 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aef0295b-6a98-5f71-82bd-6a2a2c5d5cbd", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9cca8c88-8993-5fb3-b1b2-44e6b1df2336", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-distribution-javadoc 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1690ae0-ecc4-52aa-88da-171d3d1c74b1", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5fa74f69-f1e3-5ec1-bddc-701ab6199ad1", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-distribution-javadoc 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5527fd7-1d1d-5a25-a42b-1a6634404fea", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4b07aa15-36b3-5f8f-93cd-f61d3afe1b0c", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.1" } ] }