{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0f4f6913-95f9-58f6-8347-2eb31fdbfe39", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.4.5-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration-jca", "version": "3.4.5-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.4.5-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4679ff4d-622e-59f0-a4ee-2acdebc3811c", "id": "CVE-2022-46363", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-46363 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:26a5644c-5f33-5083-8749-454167470974", "id": "CVE-2022-46364", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2022-46364 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:246681c9-3bae-5180-bc26-a314aa9bf379", "id": "CVE-2024-28752", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-28752 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5f1f245-2f66-55b0-95ea-d8a69dd7f3df", "id": "CVE-2024-29736", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-29736 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1c1cf45-0cda-535d-a305-c26936e8d7d5", "id": "CVE-2024-32007", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-32007 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24d3ca56-a04f-587e-9132-b3192cb1d19f", "id": "CVE-2025-23184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-23184 affects version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7134122c-02e8-5f99-8a0c-571603fed673", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.4.5-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9694df97-59ca-5dc7-a8d9-4606e18376e1", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.4.5-tuxcare.1 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.4.5-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.4.5-tuxcare.1" } ] }