{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:cafabe18-880c-54e0-97b3-9a4bf995ddcf", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-parent", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:75333ffd-68a7-51ad-a600-6d663ee40bfc", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3b58934f-794b-5d33-82cd-40b1c755e70d", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f822ba77-c965-54b2-ba1b-df52fcd8561b", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2668fcb4-2fec-50e7-8af5-68edc03c1507", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bf025c49-9e88-53cb-b845-e6ff1e215a6c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2d409113-dded-5cc0-8033-d7f450a346b4", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ffadecb8-d49c-575b-b178-e7254825d9e0", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d5fde4e4-25de-57a1-b53b-7e5bc3f58ad4", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d3d0cf35-f004-58b9-ae00-26b79f906362", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d4e14046-36e8-5060-b704-b67452cb5ccd", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:064eb3ff-11cc-5ef5-af91-7b188cf3d863", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ae02b205-4655-5b75-a2da-bcba511867c3", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c9692a75-d493-5322-a36b-6f182de47ea0", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0535621c-d36b-5f05-9874-d51ca30172d9", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3ccde406-75ab-50e7-a59e-b42a902f5707", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e5f81fc0-0d5b-5f89-a11d-e041a745bbd6", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:72532db2-bf77-52cd-8034-a7fe410b7eef", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:48a7db5d-5820-50dc-96ba-cba958099c01", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a5eee4a0-9527-53fc-adb1-a041bd40a31e", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8fba625b-c9b4-5c5b-82eb-d6facdd0a564", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7410fd08-32a6-5e3f-9b1d-340b2b99599b", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:190d9a55-7bbc-5018-a80d-3b6812cf82ea", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d6a342a7-268e-5455-86b8-63bae232260d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:10c6c052-2590-5c76-b6aa-eb42dae45140", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:afb23a1a-18c0-5127-ab50-ed8e2406ffa4", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6d2d7001-6131-50f3-9ae5-737a42ead163", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-parent 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6b901c9b-fd30-5982-9f41-696c78935d58", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5b1c2c6d-a49b-5ecd-b141-7f8cf4e6f6a1", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-parent 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c5623c4f-23be-560e-9fa0-fa60977fc847", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0e893a92-718e-5096-af92-d6b6ffc69098", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-parent 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5a621490-361f-55fb-9a1d-9829c043434c", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c6146889-4b7c-525d-8355-ae350cb97f57", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.5" } ] }