{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c37e1130-1e8f-5487-813f-511ca03fb476", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6", "type": "library", "group": "org.apache.cxf", "name": "cxf-osgi", "version": "3.5.11-tuxcare.6", "purl": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:78600c88-d1d2-533f-a23d-51baa0003708", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:027e4259-9b9c-50ae-b1b3-8ffb7e38a8df", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:352416fc-ef3a-585a-b9e1-bf83ed75be70", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:affb5c96-ac4f-5203-a2ce-706fc67f3703", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9d1199d8-59db-5c38-bdc4-e57834c6f51e", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cf12ab59-faad-505e-b81a-e6f0fcb9c85a", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d0ba59b1-2b5a-5791-aceb-752914a465f0", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f2e354f5-87d0-5e87-b00a-3a7b076bcc6e", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2b3cdf6c-ac12-5d6d-852f-a4032ae55466", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:eaa0abc0-6821-5cec-a554-4605903d0c5a", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bdffffcd-56b3-5233-97c9-1ccd2dad66e2", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d063ec95-bb30-5db4-b3b2-849083b6e696", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:631b2a9e-65c5-5c0c-9b55-f643e6daef94", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0bd7bb60-8a45-5d3f-8fce-ee30e54d2e1a", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2d395cb9-2f00-5c32-862f-832636d07cdf", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4a3f7ae6-8f9f-575f-9182-216649a2be06", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8920ed70-4e14-5402-851a-c221f83b0466", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b323a094-772b-53ff-b6f8-360508e9ef5d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:48696e3a-90c9-5f07-ad31-543bf737e84b", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e3cb81e1-c813-5af4-903f-85aa793076b1", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c128db78-6e50-5c3b-81f1-888dd6897d76", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d0e34631-08ad-5eb6-be51-f008d6c4f864", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d1ad3f22-30a8-52a7-b9e4-9e3312d34cf1", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0e49ee32-cd58-5d03-bd22-208f3064d30b", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:accffae2-7a4b-5c63-accf-8399ca5ebe42", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4faa032f-f039-593b-b1c1-0d12c5f9709e", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-osgi 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:10fa99c6-0f2b-5550-968e-7aede693fe6b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a4f7a6e1-9bd3-5986-acbd-af9198690651", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-osgi 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4018add1-11b7-57cd-8dc7-3a02c72a1c0e", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ca6219db-4053-5a59-b833-2f4f44e2edb8", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-osgi 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1aaed077-14b8-51b1-9028-dfdd7c889d0e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:80f89c46-05d0-54ab-bb82-a9a63089c6be", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-osgi@3.5.11-tuxcare.6" } ] }