{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a141389a-76fb-5840-a6e7-be51d6e9b48c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration-jca", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d6aeb173-1bfe-5ea3-9561-5106c3f0320d", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:782cc2e4-c32a-5965-a9db-ab176f05eff2", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b2e44c42-c6a1-53d4-96d9-e79d84f1aebe", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1c2bc67e-130d-5e92-a686-69493879d14b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6a35c9ef-17c2-5e8c-a1b3-3d353e4a337e", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ec557b5d-00b1-517b-a591-7f557ac33f42", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:586cc98b-b3eb-5e2f-a6c2-62c807a6b65d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:082d52a6-7aa1-588b-abd0-413bca2d7c13", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:87398997-4e7b-5f19-a3f6-f98ca3f58508", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f617edb0-7a4f-5183-8cb7-092ed924e3ec", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:51e315d5-0563-5cc6-bd40-b3f3ee0572fe", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:365192e3-c55b-5869-8e7f-4f6e7c51ff2d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2217d463-42d5-56ce-b9a9-c1d14446fa0f", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:272b3e96-dc53-56e2-a7b7-73a5d0fbc8f3", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:35c226ec-b183-509e-98c8-45766caa1d53", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:edd941ff-4d06-598e-97cf-bc793f7e8fcf", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:69605225-6222-52da-929f-9f96a6a669f1", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-integration-jca 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fed17fc8-f931-590c-8801-592ae62c68d3", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aa534be3-4bc4-5545-a15d-7b223bdb372e", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1c14e871-f9af-5db6-a58e-99054d18317e", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:41d4faa4-5bd0-5061-ab3b-ce36bad6ad0b", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9ee9484e-9eef-582e-bbee-706d20c745e2", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:703f25e2-3bfc-588f-a4c2-30e529fc4610", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:602fac23-3c9e-5305-a119-65cc44b98993", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4da88615-666c-5528-8332-d39f0c011155", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ae99f3be-9919-5033-a666-7a3df7430258", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration-jca 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:612b2f3a-1acd-5f3c-a179-de3eb16b3a88", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9d4863de-43e4-529e-80e6-70f354d75357", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:473702a2-092f-5478-8d54-a158c1b18062", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2c8975f4-01bc-51ef-99a2-12d824f1870e", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration-jca 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c131ffa2-7b97-53c9-82b8-8bc1e95f38b3", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f6b5f96f-d8e7-5396-88f8-fbfb59e4509d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8e46c6ef-46c2-53da-b5ae-4d1f6ec8ecea", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fe61f214-25b5-5f31-b2fe-1b44bf5cb584", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.4" } ] }