{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c685cb3a-5705-5f60-b69c-fabdde37bc99", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-repository", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:70dc83c0-2ba3-5d3e-94fc-5b3bebae01a0", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6848c869-11d5-5b3d-bd83-586917a4cce4", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0cf0f500-833f-5270-8c0d-f6cc9477316c", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ee81a40d-1116-5ff7-87c5-c992e30405da", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d1550c56-fe33-53f3-b16d-28ab66b32e0f", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef0d641d-9d10-5fe4-843d-9c066bf0c937", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab1c7e95-d651-55e5-9ab5-b524f0c3703c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a2eb4cf7-c47a-5a2c-8959-c9e0fa6c6060", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0cfe43e-503f-5b69-854f-dbf91f92b1c6", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b726ab7-4f3a-5dce-ae75-dfc9735cc9da", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:07ad5951-c4b8-50bd-a8a4-3b56b1d1d4bf", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e83466d9-b225-585b-90a5-27c666fc6e4d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c8c7fea5-fcab-526a-85c8-2e3370ddd265", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:70272945-b64f-56c8-8dad-f0700a7553fa", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3d616dd-10da-5f47-8df1-2d4df3c75e8d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c36609d8-9781-5f0c-9ccc-83975ef53c9f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:781e2663-e741-5bf5-ac17-9e8e210429f6", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99cf1958-0562-5a2d-9e9e-7c08ec5f3c7b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:99b4a9f1-5fcf-5969-9828-b92f75e3c915", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:58f604e9-6fc3-544e-b01b-4caf7866656e", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e715141c-1504-5e0c-93c5-d3016e663a3d", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73d24938-765b-5352-b065-3274ec54759f", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:356d8486-fb83-5736-87e7-be360213cd5f", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e75494e2-b931-5dfe-87f2-990c570609f7", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f664db1-f634-51da-aeef-446aa56fd0a8", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e9b94ba0-c0aa-54f5-8d14-e5cede9e0f1a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-repository 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:eb2c92b1-ad4e-59df-adda-35ff5463c968", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de219b82-5527-516c-9329-b0e75011f8a7", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-repository 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:80db3dfb-d251-5bdb-b285-361203de52a3", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cac4ca1b-ea0a-5231-a302-498d750f4e9b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-repository 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9df22ddb-7593-5c66-b989-9b3e322eb4d0", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ca92c6e-800d-565c-a91b-b5779e423752", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.1" } ] }