{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8cce0700-a6d6-5631-ad83-939dd1bb1ff1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-maven-plugins", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a30b56bd-b658-5700-8cc2-042da4a570de", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd8606eb-df3c-5801-a161-7680348c2d71", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5314fadd-5aa9-53a2-b0a8-63d88e75d682", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:791aafe7-0b86-50f0-aa3b-727bc7bb8944", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20e798ad-df5f-58fb-9557-1444f6323245", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:019705db-1fc6-5bbf-a1cd-88489bd45be0", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c2e5b348-a1b9-52e7-9d27-f57ff54fbf11", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb94ba0b-c004-5b6e-adec-8d79e85ae66a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a70683a2-49cf-59b2-beeb-d921b7b00c3a", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2f1fdfdb-9017-5f5b-8cc2-87b482281972", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a845431c-5181-572a-a8df-f7d3f53e1a5d", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8e4f63d8-7e26-5be1-931e-1e18cfb9c7b2", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30c3b863-77b7-5ff6-8aff-c81fc6f43292", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0077d53e-d2cd-5d3a-8a80-0e10e2e0a7f5", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63886c81-192c-592e-82e3-f47e02d7b65c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0695e7a7-a910-55be-bcb4-3dcbe3789487", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc6e589b-9c8c-5ee1-a4e2-e02ee3360b1d", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b88f0e1a-eac9-53e4-a18d-1712b92577d0", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18cc43f2-61d8-5689-aa9d-869aeb354784", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bcba7292-6aab-5a39-8fd9-c457e2ca107c", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8b85e6e-36ed-5b9b-8369-e8d7a69861aa", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6ea9586a-12f0-52b0-8544-85168a2fe151", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f18b385-dfc7-5ecc-9e08-7ceee20d9179", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:109123ed-7491-5373-b8b3-7bed5503bc4f", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e1ab6cad-197b-52aa-a41f-1f916630ce7a", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8b8d5c77-d23c-558a-8cd1-4465e1b2672b", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-maven-plugins 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a868488c-ad59-5c72-b45a-4e9bceba0a99", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:62502c97-bee2-51a5-83db-f912cd404c76", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-maven-plugins 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7fb11d4a-9ec4-561e-9ad8-7f0fa6060c51", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:926ee5c0-274a-59a0-be53-a59b0ef67033", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-maven-plugins 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4121c9d9-dd06-5296-b2df-94e53f23a05d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:40311fc5-58f1-5da4-bb30-fc22e9b1eefe", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.3" } ] }