{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c100c608-235c-53fe-b2c9-f02fb0cc0f27", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-osgi", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:befc35d4-ea1f-5d05-842c-2aa73bb12ca4", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:557a7c12-f1be-5f68-9f11-0e76d2db4f61", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f57ea454-d429-5d5e-8ac0-d4fb21a052e7", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1fe9af8-b1c5-5717-80f6-a5443f83a119", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67edbde1-b752-57df-91d2-5fa9b09e3d13", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c73b7e56-5269-52a8-9870-c78dd2c6a0de", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d4ec12b7-715d-5ac1-93de-87a7f56fe095", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cd1c41d4-5588-5128-881d-f8c3c29bf2f1", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20b8ae1b-90c8-5b10-a344-fcbd664fd08e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6cffdb4-02aa-556b-ba0a-55b9d87f394b", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:982c46a8-86ec-53b8-9fcf-f6cbe52917dd", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aff6fbc3-3f1d-5608-812e-0d6ae7c859d2", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62a3345c-fed4-51b3-bedd-6b60e8adc4ca", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08304592-048d-5762-9b29-8cfa0f072cfe", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31b8bc02-8cf5-5128-8d86-0d2dacb39288", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96106e1c-414d-56dc-842a-cc95489d70b8", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4650dc96-711b-5542-9b39-dcf3b56bb649", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fe474e9a-0163-507d-b4a1-6ae03ed93aeb", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6fc1dd3d-e51e-579d-9ea4-8e050ee5305f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:721046dc-e94a-52b6-9c1a-9fa6d918efe5", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d6e30c5b-40cb-5066-abda-07ef20758fcb", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1bbdc28c-ed60-58f7-b076-4ec90d722071", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d57928f7-f45e-5c78-b21b-fc2726299638", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d882e9e6-00b2-54b7-8de3-e3215b58512c", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f4f614da-1870-5f0e-be74-3e5dbb69dff7", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b5cc3741-e6a6-5b32-935d-1004fe313b38", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-osgi 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ccb5d53d-c872-5504-928a-8487d520d46b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc24d357-f61a-5fdf-8ca9-4b628c518ed6", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-osgi 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7bb6895-9d5b-5de7-995e-7cc7e0d1f062", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d0a514f-f93e-5c13-92e2-7f136160ac7b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-osgi 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16cf4d51-1d89-56f6-a525-76e68b82e47e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:77665ac3-ed90-57fc-bfef-40d7d2244159", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.2" } ] }