{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8a4e1e8a-e035-5f49-9410-1a75c0ad2845", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-parent", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f837bcf4-93f8-581b-86a4-a16ba990df86", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:abcddaab-bea6-52c1-841d-3a106d885562", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06abda9e-5fda-515f-b431-7a4dd7c27199", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f30307f-8834-5ad7-922a-72920d763147", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f1529105-98cc-5db3-86f8-c16bd2a3d6ec", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06e709b5-0fdc-59f0-8109-6522ef2ef0a7", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b79a4fb-0069-570b-a600-4d13b7a783b4", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e76dcb61-b846-5e32-aa1b-b24e906b5843", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5f61f3e6-1300-5fe9-b9a3-8f0661f3268e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cad74a6b-1ded-5ddc-866d-c23317584ee9", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e207f964-37f1-53fd-914e-06c7313ffec9", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ebd9ad65-f902-5e69-828f-f5f6188110b9", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:79962304-aee9-5c86-96bd-83ee44ddac42", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07ab5902-5417-5769-97fb-4dee9cbdf873", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0893e192-53a7-5889-a1fe-92fe332e4241", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c4e21cf6-56d9-509c-abb8-4a1682c8bd7f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:22cdfd72-3b63-51f0-97e0-707b64e05c44", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-parent 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1c13aabe-41e1-5af0-8cda-1ec3cffbed01", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:56a5f128-0efe-52a7-a32a-5f0976beee49", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7cfbf592-ae96-5312-bd87-0e19c187f2c2", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07516a0f-a329-5c1d-983b-0e298446a2ff", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ad9336b4-92dd-52cc-942e-5f40d05fb70d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:52d9c22f-30e3-5a88-9f99-f5ab62d57dd6", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a5744d1d-b8b7-5da7-9995-024d9197718f", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d482018d-23f1-53b7-b167-cbf9c56bf423", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d81cae57-eab4-560a-af08-7c15f1256bed", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-parent 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a8ca0f9b-399f-5ed3-a2b0-73396307215b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1c04d14a-d8bd-5f71-be8f-7e85b769b345", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:521e4804-066b-5b4a-9415-0e562f6d87ab", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6424a333-4ec9-518e-b6ba-f981bc07b4d4", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-parent 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9e4bb796-aaab-5134-b41b-7745baebeb72", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e5d0d2e4-bc2e-5f19-b164-c61e385d7306", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:878887ec-b97b-5d8c-b318-79c48fe1367d", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a17ea96d-b9e8-5092-a0ee-c05314e3739a", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.4" } ] }