{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4a9ff708-5dd9-5975-ad08-12f6cce0a589", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-distribution-javadoc", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8cb9dd78-2bce-5cec-939b-154a27d23fbf", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:377d5df8-d8ac-5609-8b3d-dee4f417681e", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:87825c87-a4c6-512e-93f0-de93a587b7d2", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f212559e-3248-5e24-9c48-356968b07e74", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9629dda5-d074-55a9-963c-e5a5674c7c62", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25ada5be-4be2-53b7-b5bf-fe0deb15577b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9b48d460-8037-5605-9a2d-929bfc3e5570", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a760a2ea-db93-53fa-b51e-8d5b974964b3", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:115cdb72-32e9-5618-a933-6b6dc751bbcf", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b330e13-c41e-51a9-a951-fd660de6bc91", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0d93f07-9e46-5fc0-8cb0-634ad6b9ba8b", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f519b7e-9bcc-53f5-b86d-517bcd173486", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ee64896-fb57-5e79-ab79-5369e2d4f69d", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:753b06df-eb9b-5d5f-b24a-c895433de618", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e6c4b82-8f51-52c2-a94b-7db7e008ac93", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a66f04b-614d-5a37-9304-f671334e79f9", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd45abbc-2e22-5305-a4c5-2fd6337b5fc7", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-distribution-javadoc 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8c0250a6-47ee-578d-bc3b-285c868229b4", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01e6755d-23eb-55b5-b3e8-1aee71d28b03", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90fb6625-086d-50b2-bc89-27b710c08bc1", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b000367-adc0-5462-aeec-6241cc9326e7", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba6d5085-609c-5b27-aac5-43550d1798b0", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:198c5a5b-3c24-5264-9315-7d06e8ce92ad", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea8aa7c4-098b-50f8-a985-cbed3e90fddf", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b7b5e0c-ff31-5cf3-8342-40b02954e68f", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be4aad74-95f8-54f1-acfa-a60952b5d421", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-distribution-javadoc 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39bbadd9-921f-513c-8b2c-99c234cc4192", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b1c53df-3eff-5b4f-acfb-54cc14ec273b", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8fde058a-49f1-55c7-beaa-06ec5d199d37", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe3e8dd0-09d3-508f-b643-99005ff43ce5", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-distribution-javadoc 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6679fffa-d7dc-520b-8ab4-53cba554d663", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5565cd24-0ddc-5454-9817-64dc60087c7a", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69923991-f97f-574d-9f56-8f3655748721", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:385f6927-4b03-5bc8-a4ad-a8e7db1e473a", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9.tuxcare.1" } ] }