{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ed28f03e-7b9a-51b8-a9fb-2538378e9f64", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:62a908b8-7ab7-50de-bd95-41a08ee73b9f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9d514850-e7e1-585c-9016-82b2e225ac4e", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91e78828-6a68-5c41-a261-72266a8d902b", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:925dffd1-2641-55da-b57e-b45fb658b643", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:42eb3724-84c8-5c8d-9f3a-f16ad9626bdf", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:18ae84eb-a378-5fa8-976c-03840c8da26f", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df4e93d0-c0fe-5cbd-ab56-e4de09e6c4c3", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c06b25d9-8206-53b2-a16d-a80af0c04b03", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a39baec4-d965-5d94-a465-468e8867a01d", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:13b47d76-e1dd-5b73-a4c9-0e2720ea64d9", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7542f6fb-cfe3-5fa5-a094-0206107d4e50", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f927bede-ac44-56ee-afc2-88a56db37274", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fd8ad63c-659c-5e5e-9160-f54de75bf152", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1467230a-249c-5aba-98d7-11cdfabf9d9c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2030e671-f3af-5f51-b72a-30cffa36d632", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a2a5140d-36a0-53fc-bfc9-941340e2de7e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d184389-89fc-51c3-ae55-16337ce708a0", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:96ca0692-80f3-5589-b87f-5ba847127eba", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26aaa704-0172-5ce2-ac32-617a53c04b9b", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e6ae0dbe-97b4-5003-8c50-19ded46de6f7", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:db675341-a7e6-53b3-88de-5b3068ed717f", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:af7e170b-966e-5da9-a2cd-36e85670e7a4", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c9f6208-49bc-5b69-85b3-7fde24d8f18b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:159db89e-382b-58dc-a175-fc8cf9e0b486", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d67abe7b-f655-516c-85a7-8eb8c0349581", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07abbbab-2d62-5ced-ace2-ae4b89f07186", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:48a934e4-1aff-5c63-a148-42b21d638725", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8a4ba8f9-61e5-562e-86ec-a283928181ea", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-integration 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:575ad99b-6e4f-5e96-8d8f-95c6a5cc57de", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c3cde03d-9528-5802-88ad-3c821c5ecf13", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:77b64311-d54b-555d-998d-0c9958038a85", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dbafa443-b74e-5a53-b9f6-806ddb54649c", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.11-tuxcare.4" } ] }