{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:47c67f44-ba89-5e2b-b10b-9accce7da84b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-distribution-manifest", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b2f66edf-7f63-538a-9155-fbac8a83707d", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9d58df8e-223c-5bcd-90b0-90048b4fff12", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ffc0f81a-c8b5-5787-b7ad-6f62072c2ed1", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cda67ad1-497f-5025-81f8-ac5094030c81", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d6d3928e-5e0b-5c59-81ba-f97341192926", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac9881e9-7c40-5d82-8717-3a0a72cde035", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4605368c-8f4f-5008-a4cf-6a88aa4935ef", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:79a1d533-6c15-5973-9a96-f517bde57181", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:39a251e4-716b-5870-b959-fb3c009b29e4", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff887467-6d08-5d5c-8c6a-8764b62e1e58", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:adb39af8-129e-5ec8-be70-3435974205be", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1771d22b-3990-5d92-a09b-576eb174c78a", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2d2509e3-f709-5ba9-9702-0ce857a0f5d1", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77c80aad-d555-5f95-ad0f-75a236464400", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0d3eb7a3-42f8-5092-b5d4-92adc220e19b", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32555f91-28a7-5058-b28c-a396b59f2f02", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5f86073e-3684-53d7-8dc4-fb5081444925", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-distribution-manifest 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:70305fb5-be74-50c1-80bf-f25df29ee778", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b458e3a-3356-5b91-8f6b-a49f389c4a37", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:94bfbc9e-a392-5971-938a-03f59ba45faa", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:33b6a35a-579d-5f37-a36c-cd83ae83c488", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac03be19-f70e-5e2b-953c-b5790b2dda63", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:24b61484-2fb3-589c-a0c7-e73eefbb1eb3", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:358f8069-abd9-5320-a510-36538b1d4cd8", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6dc92c7b-a2bd-596a-905d-f6b784dca739", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3474e7eb-8c08-5ae7-a16a-e49bebd22ad2", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-distribution-manifest 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b30e22a-4cdf-5017-b2e9-26cba8030774", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0bec8e5a-e92f-5dd6-8a65-69b023be0024", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3594b365-acd4-576f-8921-c3e957551fe7", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72e015bf-de82-5732-9150-b24a468c1763", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-distribution-manifest 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:55a33154-b0ce-5ab3-b128-0afa45e628f8", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4fb021b1-f7d9-5bbd-84b8-8d60ae0ea017", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:33f618e9-995c-530d-99bd-1a7659f4c402", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31775812-19d0-5b9c-bdfb-62d62ca7e0b4", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.3" } ] }