{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:373ae901-b76e-5825-aaed-9747fb468f40", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration-cdi", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:73d41b55-2f21-57f8-9dba-eac32c2522aa", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:704142fd-434b-5b6b-873a-7d1c82289c7c", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5029d64-b6b7-53cc-b726-47ce351b2ea3", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6e065aa-d4b6-51d6-8a3d-1046edabf892", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc7266d5-77f1-50c3-b6e0-c38dada48d3e", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:70946013-047c-59bb-8105-06a4e591e08c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7baf8ba7-a6c9-591d-8190-fd20255876f7", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15d64fac-133b-54e5-86a8-f60b5a493db8", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8052de9d-cdff-5ba1-beb9-ffbec3905f51", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e7f1cf3-1282-5e4c-9e91-76bc6ffccb3e", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:44e31bb8-bae2-5387-8fbe-e682f7ee6d88", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6cf755b0-ccdb-54a6-a7c3-dd7fe3f6476c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:07d12fea-4358-5c4b-83f1-c7f1f517bf78", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4f5c476e-96a3-5f53-807b-acc6e6e77987", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fbb2c371-52f1-523c-b09a-49bb928a5378", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa540ae2-c52a-5277-a437-19988c14b5be", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94ad7627-ff2d-581c-85db-20ae8c2d5a41", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25465d3d-3282-54d0-8d0f-89ca923844f0", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3202244f-3710-5fee-8398-38dc27f7bf65", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8181caee-604c-5b3c-8764-7ce2989124f0", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8120892a-941b-5e7a-b290-a9b3af93b858", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5524d86-d8ea-5bad-8f2e-3f95a4411b6b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b184791c-ac43-5d13-980a-f8c07180d182", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57137618-5bbe-5004-aeac-ef7b1ac97392", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e404bd2b-9d94-537c-8f32-e17c4adf20b0", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:982377c6-35c7-546e-bca7-1f6d815645a6", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration-cdi 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4398582-79b9-5a65-b471-dbbea976eb03", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e00d8e84-fd93-5b10-a347-a70f63b1a7f5", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-integration-cdi 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1eae935b-7418-5528-9614-e427ee63b872", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d89fedbf-626f-5e15-a63c-917af88466ca", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration-cdi 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:073f7529-91f1-5d45-8c74-429146144db5", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:632c0039-5dce-579a-9b7c-f10d3dc08cd8", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.2" } ] }