{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e7324ea1-54dc-5f5d-9a16-f8b3e8f354e5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration-jca", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e31d9047-259f-5dc7-bfdd-55d95a737ee4", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4be34223-6f3b-5f3f-9f89-80ddc95d1a6c", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ddace2ea-1541-5c97-a2c8-959e21ccdf52", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20ffd926-a85f-5935-8619-b90d8317efe3", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:712caadc-618c-52db-aad0-ecbc6ccb05b9", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b2d1a874-8fdc-51c8-8002-5adafc3408cd", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f0f12314-3c99-5c1a-be36-72d0b52d7a6d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9cdbc9e1-e721-51ee-8c3e-2cb859b562ed", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80f2d533-d9f7-5457-9d1d-d7debede4539", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0dd4b939-546f-5036-8a13-511a4c41f7e3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a085c0a-6583-5271-8ccc-66d2526643a3", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5de83f41-010b-5ca0-8f81-42e84e200099", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:00647e7d-39a6-5cda-8cb4-a40b0d6a0d05", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ca3ccdb7-be6c-5a00-86da-e5c1ce3260c8", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b62a0f4-27a1-5dd0-910b-535d2d61e649", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a326774-12e7-5b2b-a4dd-e4843edb7e76", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04d6caed-e8ac-5998-b4dc-548f8aa9a927", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-integration-jca 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d1e537ce-3112-5ef6-9c28-05737af341fd", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9f166747-0dcf-5561-a9de-d995eea91b75", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8358928b-a25d-538a-9d87-ec2986dbfa2b", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b6996247-2db9-52c0-90a3-6606eed5ee09", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e9e1bd0c-b190-516f-877a-8669449ff3cf", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bce794d6-2210-5def-bff2-9e8f67b0ee9d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7084d486-6c05-50f1-af78-082597d86a2e", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:33de1c17-c122-5204-8c55-4cbdaba372de", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b813f0c1-a94a-5e87-ae6d-80fcbbc49cc6", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration-jca 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b078a058-0e7e-5c44-984d-145275935796", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c25308d-edb0-5a8e-8167-9a032888eb21", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dea158c5-3077-5497-8727-ed8ce9add974", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ef99bb0d-9e65-50aa-aa7a-847167eaa7e7", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration-jca 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d85142a0-06a3-5d82-8185-bac9734e6229", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d24928c2-76a4-59d4-881c-34673447a845", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:909901a2-682f-50c4-8285-7ae0907f0134", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f21337fa-6f09-51f2-828b-1fd61916dcc0", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.3" } ] }