{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:909029e0-6a52-532c-a96b-b900de9ff901", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-parent", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:908a6e63-905b-50fc-89f6-f911c40b4bb5", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94d34c2c-9096-5788-a702-be6e5b1c5c16", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6af10776-6d8d-5ee3-9b68-ea790b8843bd", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6480e2a3-399e-59b1-aba9-9a1179015ecd", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bdce568d-cb56-52e7-9020-582a14810c03", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29920519-d040-5677-a088-556a522afa96", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f4ae3954-5573-5a7d-81ba-ce81203cd8af", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15954bc5-ec5c-5132-8fec-b16fd8c2db24", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6877115a-5212-5b35-98f6-042cb66a58bc", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9cd93423-ebb4-5800-a2c3-9d02b70ed0b4", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8bbeec7b-264a-59e2-9d79-45c09fc68848", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b026eafb-4d35-53fb-b416-4e6ea6079404", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0e7dc602-1491-5f5c-9e89-aefccaac3ebc", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb7ae5b6-5f26-5b70-a6d2-28419395ea4a", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6083c78-1896-5c9b-89b8-fe4801635573", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6db387d-57d8-5d42-97e4-c150bc474baa", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a2b204a-94ce-5341-8472-c330bcf21628", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ced4c25-2f8d-5aac-8926-2960df84148d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:894aa3e8-b19f-5903-8a71-3bf6a5d85b2b", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f12e9d91-3172-50de-86e4-ea3214ae8483", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0341cf21-ea2f-5c8c-99ba-f2335bd95c32", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1ef2ce3-7786-5caa-be32-351fa1a09151", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b94529b-d0d3-5418-af14-4e1b4cb073a8", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85695fd2-70c9-5ad3-bf56-6440fa5aad89", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e54c4d87-b250-5cc7-85e0-fbda2f9ee210", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20693edd-969b-5dc0-accb-041aa8fcda86", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-parent 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bd1574b-67d8-58f3-863d-a2cb98738a81", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4788a863-1318-5fb6-9316-22c188fd4272", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-parent 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae9bdd7e-5272-50af-98a1-0c0bbc9e9a6c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5e4097bf-b140-584f-8bd7-0070df8f7fcc", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-parent 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d250f049-771c-5144-87a2-9c917da798ab", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f936e129-88a7-563c-807e-e610b2e82fe6", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.2" } ] }