{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:976d837a-daa0-52ba-9bb2-25b27937776c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b8e2ae5f-caf7-5365-9615-005f01b762b2", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9427f40-87ad-5995-aeb0-fc0cc302fa1b", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:38f8f874-35f6-57bc-9c21-709a8f8e0b7d", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c03a4672-42d0-5b7d-aa24-b4e4e1c0d0ca", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5fbe4d47-70cc-52d3-9501-a9f768fe797b", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:146f2c15-7532-59cf-9f4c-6979adbbf45d", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a05b83f-ae21-59f0-b401-bdf9e429f6ad", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd5da26b-479b-5f13-a1ca-f508794f8979", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0317feae-9c91-5d98-bb53-bc2d6af9c391", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb41a003-cfee-5828-9f43-aff9432e053d", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17a67ac4-bead-5aff-b691-d0ff419fffac", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aae96070-1b28-5944-bf63-d160d80a1bf2", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8bb94501-aa10-54ce-8adc-40a358434f72", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1404fb9f-65b2-5f43-b93a-5a1fa8f5e06f", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be1ef2a9-ee18-5002-a514-0c25a157fdec", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:93641aaa-b699-505f-a6e8-90ce31873d3f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:02fc9022-d31a-5bdc-94b7-679aa7277d98", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-integration 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:226bca56-f00c-5254-982c-3601dec87d3f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e1d92a4-50aa-5be1-b47a-2b63b99033d7", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f7bfec78-926d-5f88-965b-09245fca4538", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3cc7f95f-7005-5efb-b2a4-4f853a25dee2", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4919a98-822b-5b79-8f3d-c7b5914ff7c9", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:75772d5f-e323-5cf7-9939-d9afaec8a8dd", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27c30d25-80ae-54f2-adb3-3b4bff8d7708", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f6ab41a-13a2-58f0-95f8-52c971c75045", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a3eab57-7d44-5a43-aaec-dab1e6a5976c", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e217cfc6-1a45-5312-9770-5126e754b5e2", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a3ebc55f-13cd-5142-8199-bc5b55cf67b8", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67e94567-0ca2-5af3-a23f-707e5221583d", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45dbeef7-3893-584d-b753-0f46b93c10f5", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a9aa256-e309-5258-a55e-8f8f0a228856", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0c52516c-37d3-5a4b-844e-692015422ee3", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1dae9d17-f440-5ba2-9b06-1b8a56a6e3c8", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bde133b9-cf58-5910-9117-44e906a2fbf1", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.2" } ] }