{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:092772dc-26e9-5adf-be80-f5ed52da1fd3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-parent", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6c216fb9-65e4-5f79-a09d-9d1b1d539e4e", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19f789db-f874-5d49-b106-5afc3bd8c79c", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9fc31000-095e-5317-a364-db9fc40d6f20", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36b76912-9cc4-51ed-97dc-0f92b111bf14", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:953f669d-76a1-53b0-9f1f-ede943752568", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4da0cf1a-e470-5650-b591-2c2ba7d194b9", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:28680cb1-48ab-53f7-bab7-627e28a1ac46", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ae3c1c2b-1808-5521-87ff-27d62cc0d50c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d39387ba-8be9-54ef-a79d-70a78a49fd80", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:355a8a58-fed4-5f20-9898-68fb19a6cf96", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f4e721c5-55cb-5e10-af75-bf4e02543690", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7c0cb99-de16-5feb-aaa8-5015a3187622", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4d3d18f-d27f-5f93-9c66-8e86b19a0a90", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:30c4c261-1e47-5700-b8a6-a2aefef3b49c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3a0021c7-a585-5ce0-ada0-cde5b831b6ed", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12ba3d8a-cffa-504d-9818-43a214890d8b", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f3233dd-96f2-5fcd-95ef-d61cd28a2afc", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-parent 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:548afd9a-04da-54dd-894d-6478bbf235cb", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e8ce8253-0f05-54fc-92b2-6f85ea837288", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4ff5d41-e59d-508e-a0dd-0fb1f094a0a8", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4653674-40be-5df8-b0a4-d89a9432759c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:75a8eed2-e935-56dd-a6e5-604672b448a8", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e076cbc2-ce4c-5eef-b18e-0088b017868b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3784ad07-afbb-5c3b-8e23-e26f9d36a7ce", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf8963e5-a187-5c69-baa7-99ed5bb8305a", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0b0f2005-71e2-5e88-90d1-4ea3877f8da7", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-parent 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab89fc21-519b-5a7b-bcb0-5063a2810aca", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5988220-a338-5770-aba1-06cf12b19a9f", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f5b7dd5-0816-5452-ad51-c6f948186807", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b68e0c5b-5f91-5dde-bf88-5caf5da3343a", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-parent 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3b65111-6a16-5385-a0cb-81583f84d00d", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0240b334-fd7e-5c12-8d83-f1ac6a61b240", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7ec984e0-b7d8-5589-9b89-7c161dad050c", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f93cf9b4-05e0-539b-b1fd-a15fdc766839", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9.tuxcare.1" } ] }