{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9fd679a6-ff7a-56bf-a69c-5fe97d9f356f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4afde27a-9d52-555b-aa3d-99dc1bce2722", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:645b6a1e-d846-5633-8d03-e5aab7f2620f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ca2d7bd-7092-580e-bc34-da4a61ea0fca", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c5fa00b1-7ce8-501c-9f27-35550a6504ca", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:992b3f3a-b1bb-5776-b048-f1cbe8137e0a", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8df34e7-529a-5893-968a-d2510dd97a39", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9ce5d4a-43dd-561a-bf83-4d6f619a2b77", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe8fa69e-9347-5cf0-b63e-cca565ff1ca8", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d888620-b951-50e9-9d3b-9dbf914e594c", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2af26495-244c-51b9-aa2e-a80516547031", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:54cf602c-972e-59d7-bb16-60b3d78ca728", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ecd9896-3d0e-5373-8cf9-f6ee0dacb5d8", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:627d3495-53bf-55f6-af8c-7556452c5c92", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e2fb96b-5ce6-553a-b80e-61f6d41d7f1c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:107318a0-3926-572b-b518-a35921803356", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8a016cf-d423-5bbb-83ab-7e20fbc53ef5", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed35176b-38c8-56ba-9ce3-7c8d3101fdf2", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e7201d6-80f9-5f7d-8e55-c6bb4a7728bc", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2cc5e0e6-5970-53e1-9b78-de8c289fe0a1", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f35d93c-94af-5cd3-a890-33718c121941", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d9c43b77-333f-5b09-9af5-4f3371bb3884", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:851f019b-41de-587f-b0e5-6579cefa4391", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a63ec96-caab-5c1b-a27e-57efeb03d828", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9f8f5ba7-fc47-5492-999b-3ffed6b829ab", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b73aab2e-a956-5273-9866-a15df8b54d77", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:001ec443-5413-56d5-96ad-c061abb48f32", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29c5ec9c-d6b6-539f-b5fb-580bb44d142b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f63c5c45-09d9-5914-a9b8-78d98b145db5", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-integration 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:14843f0b-4b59-5377-ac65-c12291549d58", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d78db721-458c-5394-8e4d-e908acc89412", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0ce46ea1-8cc7-5519-aff6-670de606ad1c", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ea957ea-7240-5e55-8f43-8fda8aef4cbc", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.2" } ] }