{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:03063cdc-3a8b-59d5-9e27-257ce48c8fc2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d55e1788-bd73-5a5b-94eb-3dd4f9c968f4", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f46edce5-cd37-5cbc-b61f-b1840ed332ad", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b2d1db6-e809-599e-86bf-35dc18c4eab1", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:748b2387-3961-5138-aec6-b29087108e2c", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f16031e3-d37a-54d1-a14c-8bdc794a815d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7124b1b5-8506-5a2b-aa2e-d29b4633c383", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fb49a7af-d65c-5398-80ca-a4be22e73762", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e70c0bd-5b62-5573-8854-9d17405a20ff", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ece077f4-a29b-56a9-80b6-5c6ad177dc5b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba993f04-b254-5962-a3ec-ff48a2f5cba6", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f5499cd-d9dd-51ef-8abb-37f6706e6611", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b28eb785-56bb-5457-900b-cf6ddc48dab3", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7936d288-14f6-5abb-b1c4-65752a1e4003", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd11f8be-cacb-5ddc-8dba-33ce8aadf2d2", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:904124d9-5a96-5e84-9d0e-6c72be489926", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d0a97b2-db4d-5a94-b480-9133bfe0074a", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1908c0c-d0ee-51b3-a8a1-51ad31507836", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5e348e4-98f0-5b2d-baf8-b2e1de085207", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59d18941-681b-54b3-be09-8df43e13f64a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce6893a0-2ee8-5c6b-9805-ab2c1f0d5e51", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:351eabb6-73e6-546f-a2e6-51f153f647f1", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc55d30e-39fc-52b0-b553-08536b79615f", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88fea142-a739-5dfb-b3e1-4f5d57e7db74", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39556d65-8819-5c23-85d8-bb27ef3987cb", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:614d4cbb-aecb-5b77-9923-f9a065cb5c07", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99a325c2-0e0c-5d37-a7d5-7ebaebfd7fe8", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a13184df-f1d6-5318-a85f-8c95828ed1e7", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55435f08-24ef-59ce-b802-944b22adda70", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-integration 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d580151f-d2c1-5ccf-8075-8d17ddcac89e", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8619eb19-103d-5039-87dc-fc76696a7797", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bcfbc477-9e75-56ff-8f68-a28262ee214c", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b1102247-ed24-56fd-a624-0d8b1f6eb668", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.1" } ] }