{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f545579a-5a75-51ef-b016-b3891be61b01", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:26c215ff-41d5-532e-877c-e6d35ff5c761", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37d14702-7f79-597f-a374-52e0d285a5e3", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc28cafb-0fcc-5222-927c-639c9e8cd681", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3df64065-9a00-5a26-8483-f21fbbb04e28", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:22c74888-d71b-5b62-b7d2-d21457aac047", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:59250f55-b14b-5950-9b08-5c39decd5955", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32d1ada0-2d66-5c00-aff4-e973a7aabe8b", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7b1506c4-e8ad-535d-9595-8d892413c869", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a30438de-ef06-569c-8c97-6d8e72def4de", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:17401bfc-75fb-5b79-b621-7a59893a00dc", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a318eef-b7bf-5c20-9359-cf0b5c5f98df", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80911b5a-cdb7-514d-811e-f005acda9a36", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8dbdc15e-2f2d-529a-918d-3db8a94dd33c", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b6fa6645-642a-53ef-8bb8-404202ccb899", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c8ccc967-b2bf-5e49-bc5a-827d64592bb5", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8e0b9790-2cb3-5b1e-9bee-770d3c13850a", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e85e685-aaa8-5f7a-8f66-554a7ab7a4b1", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-integration 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6d907a7d-1f07-5f2e-88af-ce4cb37114ea", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f624f38e-05f2-584d-9755-7812933063e9", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c7dad52b-2a3d-5c93-9179-78cdd11d99e7", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5d53fb53-ffb4-5697-9083-fb1459007bf4", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b543cced-e6e6-5d53-93a0-211bb66b7b00", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db26533d-3c2b-53d8-aab2-4d3f3e259aba", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:83218192-9b1b-5361-9136-61ba6b382a58", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:405214b2-28a8-5db7-a5de-b38ea98d8b84", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:57cc8af8-6186-5b39-a07d-e0a293949dc0", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:98673dc9-273e-53ce-b914-0089d442adab", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7469af57-1644-5f80-9f64-9226045ce1d9", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f606ea2-43db-5a48-8375-43ef25e8de09", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e939866d-f22d-5caf-9790-fc85996b1258", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:60214639-ac16-5b84-a258-30bca874e1c4", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:df0af3d2-de89-5339-9841-e4c3d1ebef09", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c9748e45-ad70-59e3-b6a2-9e8405693a95", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:66ff562f-5433-5a8b-999d-26f4d8dd1ac7", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.3" } ] }