{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6b1b8a12-e6bf-521e-a761-c963012d5916", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-maven-plugins", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3aa5f3f1-56f1-5660-a7b0-8bc8e4649e47", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:087816a8-4b45-52e0-b1f8-51f3771a8ce4", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:663706fe-b584-5616-a3a9-c393736dd103", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3ef1c528-bcc7-581e-83cb-0d5c82c0949a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e5306190-d399-5e83-ae9b-3d4b6fa110be", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e3ebd1ab-f387-5fbc-a600-8706f8c08710", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:70ff5a78-8a63-53ef-9194-3f759b3561f3", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c0313eb8-4116-5549-b10e-e5cd86dbd2d0", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d848ba23-d9f4-5e05-ac80-fa7fc68cee39", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ac62373f-66a5-52b7-87b0-7265c7af251b", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aaec3c2e-d03e-5821-b885-fb422ee60b3b", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2786f566-2e6c-5e97-90ac-d4d8c02d2fe2", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a8cea075-9aec-5272-9c25-c4d6fb5f5f1d", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4232b972-7cf5-5b7d-bbc2-0b804b19ae62", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6ca798ea-da20-51c5-aa89-249cd8d00a56", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ac888619-2a55-570d-82a5-245c44edea98", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:12350cd2-c3b4-573e-b373-3add0cb71247", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2b459bc9-700c-58e2-ac4b-4e339ca44eaa", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:29ae9b80-63c9-5ff0-bd47-cb69ae7d6647", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6f63c569-f717-512b-8038-10f753bdce1c", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:539ac68c-1f80-5e5b-b5b7-99bfcdaf714a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:78ca989a-4ea1-5677-85f2-6d391486c6a4", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b038d673-4176-5307-829e-d85279a1d21a", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ceb5c16a-ac02-5178-9f06-dd8aebeb593a", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3b17f11e-48c7-56b2-a965-a466a2e966ae", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:889ebe64-146f-54ba-bbf0-1e04bfcb318c", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-maven-plugins 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e85f9ac5-e612-531b-8011-29fdebb53cd1", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:53bea7cb-5129-5bb5-a181-759d46e96e75", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-maven-plugins 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7e1d7dce-0db7-5bc4-a1c0-405e3def751e", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2f155714-68cc-5d3a-837c-80423f73f65d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-maven-plugins 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5ac42316-e414-5442-9e01-d1d548642a96", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3541c171-dd3f-5f8a-a07c-6c4f34d31745", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.11-tuxcare.5" } ] }