{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0f9482c8-3c4b-5f0c-82b0-0d88ec35b0f0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration-cdi", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2ff09b5b-b051-58fb-b206-84c708f65312", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c07d6397-6839-56b2-83c4-2443ca6e142d", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:34474f62-cbe3-5127-8930-3ca0356a168e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:358a6dba-6fed-51ed-ae63-634c352f0786", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0386a77-2751-5005-a154-a0d7c00997b9", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db4c7e71-e752-5d1f-90cc-155456a28a99", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e362aca9-5140-547f-9c14-51112812e839", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2a591e83-818b-5da5-9f92-8c9aa4fb7f3b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6b748197-702b-5c88-9150-0fa67fcb6d06", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a863065-80ba-58ea-8f20-dcee1fc8284e", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f93de018-2af1-510a-95db-b958d49b4d35", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:009991b5-ed53-5d78-96a3-681b74b8baa1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b824007-51af-56dd-8416-cdbc9685b561", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8730f162-171a-5d56-aef1-baec1d7c9216", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9408b2c6-0230-50a9-9697-eed3929cd20a", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8950b28-a843-53a4-b069-5a7eab24ffa5", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d5250f9-5a18-5591-aebe-736871a279d7", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09744b3c-a5e9-5de8-a63e-cc5ba77f3afe", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:893de763-4678-5462-b959-2eeaa0b90073", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e777a45-d63a-5806-a630-5694dfe0505f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5d6ad4e8-4798-516c-9bad-77cad76472e9", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd022a51-af00-5296-a4ae-a11f9709c732", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7fe09278-c7cc-5383-ab5f-32545f090504", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb4532d3-6cc1-5c07-8e61-62bc259b5f85", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:92d15970-f68a-5b9e-aaa8-99f12f02c30c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:899ae991-862b-5b3e-b7ac-1572688d2834", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration-cdi 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e37fa9a-f37a-55e0-a07d-a68b208982bc", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d07b27a3-1869-54bf-8f10-0a5a1a7497a0", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-integration-cdi 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:79c79cda-150c-50e3-80e5-8022c7c8fb03", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:862209d9-4e6a-51e6-bee4-5941f4beebd0", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration-cdi 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cd05f7c4-30cd-5978-b5b7-b52bd39b80a9", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2db382e8-9dd4-5d2e-aef6-ddf84dee2b5b", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.11-tuxcare.3" } ] }