{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e24d4af5-ac20-570f-9891-90edd2a1a626", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-parent", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fcd3f5c0-5e29-53c8-9b23-f6067919dc67", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db8d32ee-a4e9-5620-8ab8-e0895f5215f7", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0c4fcd8-132e-5c40-9886-f47ed7f7ad6d", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:751a1ab5-609e-5960-9f97-ade37182eb72", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f7b55408-cbf5-5a2d-8e5b-ddb4138c4560", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:24076f54-35a5-569e-a11e-81c702f8004c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ad43359e-431a-56c3-9ebe-51e825dd1d1b", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:686a3552-74fa-5aca-b088-665c56234efd", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:510ada19-81d7-5295-a1c8-6fb18f5a6657", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8d1b184c-3c22-5fab-968d-40c882be0fc2", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11c7bb93-f3f2-5ae0-a8b4-c865e72c8eed", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5c56872c-93a6-5d1f-9374-3dd037b13629", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a398104a-42ec-5c01-adc3-06082c0e6ed3", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09a1ea8f-1a5f-571e-bd21-58b79eb66493", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:92143638-057b-5a11-9e42-6a1567404828", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:94b9bb01-04d3-5d2d-99e5-c92a0f65922d", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:32d91a76-899b-5909-81b8-e8dae3bda665", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-parent 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a08e50c-8cae-51de-b3e8-f807e37ba8f8", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f2cdc6d-986b-5ad9-b802-effd3690b00a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e4acc8a9-9ce1-5af8-ab1a-959a83af83c0", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:52723682-24ad-55e9-9e8e-3425befa2863", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:11b5cdec-6d79-5ca3-8bd2-34a51b8ab9bf", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:46d2925e-0242-5ec3-a0ef-dfd612c7d14e", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff4bda95-c3f6-5375-9540-eca271a42cf7", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9337e2bc-20ef-58e2-adbb-ca5264a78b0d", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d046944c-ef50-5344-a4d7-2683f048bdf0", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-parent 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b83cc40-4ca3-5b61-885c-55dc258377c6", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f6b555a9-f7a7-5c30-ad42-45a82042d1db", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:78447138-85dc-50d9-9abd-38f78f792e18", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2bc7f384-c8a0-5695-b145-1be50e2910e0", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-parent 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:347ed930-b0c5-558b-93e9-6969119c7afd", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3272c633-1643-5176-a5a7-799d4961113b", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8283dc95-e350-59fc-a4b4-c28e130dcbc6", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75338fca-c04d-5deb-a520-02cbb1eff979", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.3" } ] }