{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:307ec3c9-6ac5-5cce-a6a1-d828ba1ed0b4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-maven-plugins", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fdae1cf9-6641-56ec-b5d6-6c488af0537e", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5097d0fa-26d6-591a-9bc2-e705fb09fe77", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11bb8e44-fb32-5b03-bad9-ed22907ea636", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:890eb2b5-8b6a-5c14-8de0-c500c7dd59ed", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0732faa4-0a9e-53cb-acb1-a66736895edb", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:460ae278-e037-5c7f-8f41-0cc8569d0322", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:baa5c691-0449-5b44-9c82-2d9f6878b6e0", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:afb73d45-f9f5-5b36-af35-2cb8acc7f548", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a587421-8871-5218-8ebb-66717b68ea42", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:93b23d04-91c8-581c-914a-df9d770bf60e", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31220867-f8a3-5a31-9fbb-12b8bba3a694", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:48740256-9fdd-5eee-ae9f-d5c1df33c3ae", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8216e4ab-b7fe-578f-b664-742055a83e31", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e0199bf2-975b-5b10-8c9c-8682014fb581", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:004d99fb-50a6-5a22-b633-031ee54fa9ed", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0afad696-0832-5c4d-ba03-1c24cee32b76", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bf3ef16e-2d40-5bdb-ac99-2549b2e2d010", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-maven-plugins 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4928cda2-0155-5c6d-8148-c411e4f7dff5", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aa8de8f4-aeca-5783-b389-6d26751e216e", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a242a438-2de2-564d-ba6d-4ad495c72a45", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ac68f01f-e3c8-5610-81f2-773ff8cd71c6", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:71b4b122-c72b-5155-b536-c86c649b5824", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b6727fc-f2d5-5135-b3a3-3a6336351dce", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a9e4667e-3dd5-5b83-8d4e-3c5b11f2eb8c", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4a5e07fd-a8e8-543d-88b6-4eaba8c8963d", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:46d94c0a-b403-5b96-a373-4e96848886b0", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-maven-plugins 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4646bbec-35c6-5628-b571-5e405d2ba4ed", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:83745e48-e6a3-5b11-8dbd-ebfc5934acb9", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e19c3401-9eb9-52fa-b89f-9570cb5fa413", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2d3f47d-288f-57ff-a839-b9168d6ea574", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-maven-plugins 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:17396b38-6f28-57c2-b352-2590355a3018", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:808ef6c0-5743-5976-85f6-8aadb17b7dfe", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7f84d692-7379-5d67-b0d5-14e2fc8355b7", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:322dd97f-2b38-5b92-b028-3675cb6c28d2", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-maven-plugins." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-maven-plugins@3.5.9-tuxcare.3" } ] }