{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:619353af-a907-5250-b01a-113974d3c23c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ad7452a6-8c01-5b87-92c3-3e790a61e8bd", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:76d88f18-0328-5c38-bd53-6d05f0754a49", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ebfecbd8-984c-59b2-adbf-a284eb40ccce", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d18cc73d-dc1f-58aa-bee0-f3165e3a5e98", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:433d598f-1d64-5e2b-9b0f-21649330bae5", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:05ceadd0-30c3-5634-b6c5-0c3d8fcd8019", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:109b8c4b-414f-5d38-9a3b-877c89fdc143", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:43d9300c-e83e-5aa8-95fa-18de807cbe11", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:640691dd-4f2c-5499-b633-814865a9c5e6", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e1c9d0f8-0009-5c67-adbe-4f7ed4e20c7f", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6ee23de4-34f5-52c4-a95c-63633bfa6299", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ad0543f-8ae2-56ae-83f6-8c40e677b970", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:40da6af9-833f-5f30-838e-379883062727", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:00cd7ea2-b278-5baa-a734-23cdaa7bd84c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:818a5e4b-0c83-564f-888c-2b437a341c4a", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:961180b0-5381-5be9-9fa0-af5f709a21d8", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9cf44ad7-d051-5313-868d-a85d22e3b0ae", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-integration 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e382c947-be31-51dd-b644-0369b67c5d25", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cb40931f-e6da-54b2-b518-2521860885c7", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cc3b1cca-340d-5034-a427-e0ba6a13473d", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ce448165-f59d-5efc-988f-994bb0c39963", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3740324f-2c86-5239-8216-fde393c77d02", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1896e8c0-7dea-5465-b30c-63ea6736cd38", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8fa5ce41-c1ab-5223-9008-4aeaed25ea57", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e54a8875-9805-5e80-86f2-eea2e88647dd", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff2783c4-f6bb-5454-90e6-49904d266eae", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b1313839-dc2e-55e9-ad10-69f12e6f03b3", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:910bb61c-7cac-5164-93af-de1e1984cb2e", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:699a6dd4-68ef-56bc-8f7e-3950394a15da", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cb1699b6-d969-5b25-84e8-03a65f65a38c", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:33183fa8-d34b-51d1-882f-f899abf18c1e", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8dff8ed8-238b-5c3f-ad45-4145ffcefaa3", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef8931b5-8e7d-5767-ba3b-5ca3ee4fb228", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c87b5bc0-1d7b-5da0-be0f-9b2ddd776d66", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.4" } ] }