{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8eb8cf82-eed3-568d-92b3-16e5233b62d5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-distribution-manifest", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b64ac38f-c34b-563b-b09f-9f4b0b25d2c4", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:330451c7-3d9f-588e-8340-bad2934ac854", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ee67f54-0a91-58f6-81b4-3d03574b9d20", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b8e8d3f-579f-5204-a668-22eccabe3674", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ea16d19e-4ef8-59d6-9fe5-48d12eda7100", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f82dd272-eddc-5d1f-9848-2948812e7627", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3452d247-c6fc-5c22-ac74-f4e2b5a1560c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e1d8c75b-e9d0-54cb-be59-8afffc86b01c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c816865-4910-5fd3-b8cd-96680b804329", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7762ee3b-009b-5625-a3b5-d742e2423604", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6c176238-2342-5ff6-803e-fe10aa57954f", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:573a0a1c-50d2-54a2-8be1-f94cd3fc1943", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ec9f005e-5914-50ec-89e8-75893bf3c95c", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d883ce45-4e2a-5b05-9d41-31200cdf3e38", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:675932cb-090e-5d25-943a-4dd9d92e962b", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2110b167-cf78-50cf-bf3e-6c657df5df19", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e17e7ed2-1cc9-52ee-bde9-9aa03e9f028b", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a55cd658-e0fb-5b40-ab48-884676fd4f7d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:28e53c27-df74-5108-97d2-eecba9efe99d", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9995ee14-04fb-5d4c-a8f3-583f941d2dd5", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:94510de1-a1d7-5e5e-ba43-b42123672a2d", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dc32ef10-793d-54f9-8391-65aa0cf8d593", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c6abadd8-622e-5e44-8068-ab4944bbddc6", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:99609f53-dc5d-59be-8a80-5702c8c6c956", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:abea79c5-1cf2-53dd-90dd-dbdc0de0fd78", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e18e1e97-a19c-50dd-8f6a-8aaee90ca0c3", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-distribution-manifest 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef0b09e6-80c3-5f2a-8a23-bd88bd7d9574", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6dad6055-e2cb-5ffd-8b21-02b18aea4d68", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-distribution-manifest 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c65fca56-dbbf-5fbb-a5f0-18a7dd0a2ea5", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4de3fb49-085a-5de4-a9cb-a4056fd10bf3", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-distribution-manifest 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df7b1722-0fb1-5d2e-a6e0-07cf6fe1595a", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5a08d627-a80d-59a8-833b-1a3475a76061", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.4" } ] }