{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dba74990-f6c7-563d-be87-45ee09be00ac", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-distribution-javadoc", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d2f68059-ca47-5ea5-844f-4a4cd4fe868d", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5f37bdf5-9816-559d-a34e-be7186d3f117", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:95941eda-c0a0-5184-a221-9d07fab116e6", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:afd42dca-db77-50e6-89f9-1255188c2381", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5ca020d0-6f65-5616-913a-d686d2c956d6", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0ea583d1-1067-5450-93fa-10677a081442", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed7a5189-e144-5eaa-bc2e-b2aff5e4b167", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4bd31a66-9118-534c-b726-bb0a39247daf", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9b926d97-eb59-5021-965e-4957cd5491b9", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:903c0ec1-8d45-56a1-b976-399086453ae8", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:516347da-ed03-55ed-87e8-4a5f514316d5", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7536bc83-c57e-57ce-9870-52ae24ac9597", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:abe89470-37aa-5608-ba3b-49df4241ce2f", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b64fa4f2-d1dc-5aba-ab66-d2ea49629b57", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7d7b89df-7d8a-5cdd-bd4c-8c39ea9f0c2e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2edc7926-b4a7-5508-8da3-05c852b8579c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:71fad61c-4d4d-5886-aa50-376a89d0210a", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d0739b17-46e0-5f93-a4ed-271fe736559f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0fe93860-3ea7-53f1-88dc-587c57757fa2", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b8c90685-2a87-5876-931d-27b47ab3eea6", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:522934b1-f01f-5b2c-88b3-7db678a1f848", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:75f435f9-4c7b-5683-98aa-5be1f67ce8a4", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:59bad604-62e0-5e24-a7cb-121f9586ed8b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91bdc4a9-7457-51b7-a8f6-fa69d7810cb9", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:869ab98e-8ed8-5d7e-9e65-0c0c1c864eac", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bfd6e2e8-93a0-5421-8411-933f5cbf48ad", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-distribution-javadoc 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2a105045-27f0-5f27-8191-799f464aecb1", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:55b9c87c-5c5a-5ea4-89ed-e55dc1d78134", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-distribution-javadoc 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1e2ed006-5207-5de0-90d9-51c1a03df5b7", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:409d5cda-94a3-5999-bf0c-f28f974a6414", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-distribution-javadoc 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c453c559-bad2-5c71-bf67-a981dab9cddd", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:480fbab4-5955-5363-a4ca-e7778b1171f4", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.11-tuxcare.4" } ] }