{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5fd5783c-f0c6-5b96-91a4-5b66b25586b2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-distribution-manifest", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:39888f3b-6ba6-5d8a-a008-a49b9ffe20f7", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:786fe47d-9ad4-5cb6-ad3d-20eaa92121b0", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9264bebd-897d-5581-a05f-217a69e86731", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d2f0e5b4-3e80-5298-a816-220d7c63c0ce", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c8bced3-c43b-5393-b08b-bde976ff8afb", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25b87eb0-0bca-5078-b47d-a5782e237a59", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76ed43a7-062a-5ee5-b2e1-69b4b0b85f3f", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c632d1bf-6834-587f-a35f-df5a5638d64a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:98e9e3b2-269c-599d-b016-22e3f16cf7fc", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:59c0e2aa-c05d-5fc3-a699-0ce7170057a4", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3323f73c-3a1a-5d32-b6c0-32ead72c5a99", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:99747146-267a-5326-a619-ebc2fa61b31d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e6659dc-6053-50b7-bed6-be101940ece9", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2575fa10-906f-513f-8d9f-facd17aa58f3", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f914b77-ca47-553d-9418-b4fc58ce638c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c142df2f-2995-5976-b93e-e3b9be11a9f2", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3949e95c-a8de-5b96-a7bd-e968ff72e073", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d72998fa-9e02-5c20-a2d0-224808053023", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c2a3eb57-82ab-522f-bfdb-ea80820d6868", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7d05fe4-67e7-5991-ad02-91b8adf69627", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e5978aaa-7628-500f-826c-ae732ed97365", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b95811bd-6053-52db-90d4-21fea005cf00", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b990ac58-6952-55db-9dc0-ce96afb96457", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5eb06c8-df9c-5da3-aa0f-34565df84bf1", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1be53bb0-979e-566d-98fd-03a671f247c7", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c07bc60-0e5a-51b0-a1cd-6450237d2fa0", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-distribution-manifest 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3591cc5-5d87-54a0-8589-a67a064bd072", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:051e1b96-1105-5d9b-82fa-f87491451c4b", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-distribution-manifest 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77001051-7c6c-5c39-8bde-f49f0895c11b", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:daa9f1bb-a975-58ad-9a52-aef41cacaa78", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-distribution-manifest 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1dcf9df6-5f97-503f-a161-b79520208b01", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af0fc72b-b1cf-5b77-8d74-f3f58545c22e", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.2" } ] }