{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a9925e75-d018-5172-a9a4-b05ca04e202e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-parent", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:361dc371-001c-5e1e-97a7-05b5f353bb39", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ea561732-6e12-590d-98c5-142462f9f539", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4f317d7-cf8f-5041-ae03-f1287eb28b03", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a94483d-f529-5e3f-b5ba-07aee22b5efd", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f6c5c84-923d-5ffb-8727-e6dd11ef083c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6bf59041-1e0d-5d74-bdd7-ebbc6817e075", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01c4fd8c-dd30-57b7-a4c5-624e7272cc4a", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7319221-4c04-5e5a-ae76-25a9cd893ea2", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3258d209-7954-5e9e-8415-bbca35114e98", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:55a418ba-e083-5846-9ca0-c3dd1c10e20a", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24451beb-70d9-595c-aebb-c02a659131f2", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6ce0c431-27d6-5a89-9c48-f089aa8b91c1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9bb10505-180e-5026-8c3e-2188de1cc990", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16a8b8cc-182f-5d5b-9280-69714b518c76", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c4924f2-5e44-5882-b8b8-68c1d272f43e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e51fbe6-28ac-5c44-8e6b-a86352518651", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5989f7c5-3919-538b-899b-1596bc0bd61d", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20487405-1257-5b43-a706-62c1631ae997", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1269d864-e4f0-51f6-9bab-9f9211d071a2", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3f8eba11-fdd4-5e74-8dfb-734ca56950b1", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3016b28e-a8d3-509d-8e01-60baa290123e", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd387137-43f5-50fb-9bca-ce4b1a09f71f", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:90e4d414-ef7d-58fc-9ddc-16ffb1034ef8", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:24f159bf-f9f0-595d-8f0d-dee8c67646d3", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33dc2d33-d9b9-5e4c-a8dc-da7cf9c1d6bf", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ccc5771-2d79-50c3-b47d-4aa4c622f6cb", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-parent 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aae15614-689e-5052-b9bb-a9e6c8e9caac", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:37135b16-33df-5406-b324-bff1129983bd", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-parent 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b1daafe-3d40-536f-a8d4-8b58bfe5479e", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:858b58f8-5065-59fa-91c4-06d68ce9770f", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-parent 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c515a578-d4fa-5859-9dd0-bf7376b44392", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:046549ba-5ac4-5c65-8ef0-de36d795b1b9", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.1" } ] }