{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fe7cf708-3113-5760-bed9-da4f183c3f15", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration-spring-boot", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:87cf6f18-118d-527e-889e-e9876cf534e5", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32112c7a-66c7-591e-b1c8-6664ee13bfa1", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d16a7ae-92ed-5dd7-a181-fa7cb006827f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5761a5e7-e858-5969-b256-e2418c550d10", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c364a66b-03ca-5b97-884e-3511686e0e64", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c89a32e8-80a8-5ae8-95e7-f11a462e02f1", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:edd7a340-8634-568b-a5d3-f449c1dda630", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2dee3a4c-b93e-50ff-95c4-3b547f81e0a4", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:876bdac7-0f92-5aab-9e68-2399703b1c78", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8bd86509-b29b-533b-a84c-6f5fb597d521", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15453cae-a110-576b-9add-56e1d67ec5cb", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:346937e7-2b03-5ea0-b4b5-2e506cf1688b", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c8108a9-541f-5142-bdda-0b28ed8c2a44", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd68c5b8-7463-5aa6-a027-37bc2bd11d52", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a383f949-a7b8-525a-b331-86bc5c14d0e4", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b413c492-1b18-58a9-8b3f-369e67c688e3", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:275b30a9-8c18-58fc-a895-5581bc9c75fd", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-integration-spring-boot 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9612b8a4-f006-5c44-85d2-71cb744f5013", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:edb328c0-226f-5d00-ba5e-467243f8a1df", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:458280a2-1b97-5d9d-8fca-64dab1e41d67", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17c34fac-2564-5659-8912-49a14e9e44d8", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d3a4d3d0-a561-5fcf-a7c5-e1b9035ef792", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:060a3175-6d6e-5d0e-b927-5ccb7a90014d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e1059abf-76d5-5bb1-8c9b-fc053e2ed0f3", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d414bb59-c3bc-5474-be6e-f6560c69e382", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1eed9249-a300-5fe6-ab16-cd719f13da4a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration-spring-boot 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d271b712-b71b-52a4-8e9f-043dfbfc18e7", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b83b051-ba84-567e-a9d8-04ac87c76df8", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:53e28965-8a9c-51d7-be7d-0af928d6b733", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1b6b6ba-8616-5ea0-8465-753fe25cf946", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration-spring-boot 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef4139cb-f933-538b-aae2-ba641c1c145a", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a70a526f-2cc6-5db4-b027-3892b14597bb", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f5832f12-fb71-50da-bb97-8bd3fee24ca3", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a41dd6bb-6f40-5de6-8438-9fe87dd0db02", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration-spring-boot." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-spring-boot@3.5.9-tuxcare.2" } ] }