{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:29d061b8-6ade-5c71-9e73-8050eadf0126", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-repository", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9e64e028-f62a-5a5c-b10f-adc4dcca0584", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b3729cc-0044-5431-ac60-8f684707d26a", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29af74c4-7364-53a4-afdd-e12f3bdb0ffe", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f07f0f9-4b31-5176-81b6-6e0d3a96ae7c", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7806da80-16ca-52f7-91ee-1ac391cd97d2", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:de15e52e-c4fd-5368-bc38-2accbc6a2221", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e32aba6-d4ba-5c3d-8f36-30e0bcc4f47a", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d4bad1bf-08d4-517c-9e2f-633ca02dd97a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c624d63-0813-52f1-9ab9-a28723a3c292", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e6322726-79b5-5924-b53c-b5a634f93160", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b04a9092-f30c-57b9-9cbb-9fde35d9c8ab", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22bd8e4e-d87f-524d-8ac8-0dbdc7687727", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7816ddd1-43fd-5574-872f-0babf206a523", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84565f88-01ac-5f3c-b272-7c3fcef6fd15", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88f8808c-d8e1-5f11-bad0-960da4c660a4", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:551ea6b5-65f7-5358-bbbc-5fee4432090d", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2150aa3a-b0c0-5594-8bac-603ffea4f23d", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0dbbe9bb-fe37-58c3-951a-647f263dc404", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e775dcb-a72a-5bcb-b9f7-a72132594106", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:987d9413-3ef8-5c7d-b2b9-e3a2279c62d6", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6d8b971a-a289-5cc6-a6f5-61be573a3d11", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e76002f-a922-501e-b6be-951eb879fe3e", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43a73e45-b7ea-546a-b2f4-75bbea60a8be", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:25a320dd-3fa3-5ce4-a1fb-32162c10465e", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00888a12-ee75-5fef-96ac-cf647d511619", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46c3cd53-f87d-5ef7-aac5-01dd9b39a11f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-repository 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1873ab26-afdf-5791-88c9-fe32772d0ee0", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a242babf-801f-5d2e-853b-80cb326757b3", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-repository 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2310f355-9a15-5459-a374-e3399b5869ac", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b466b60b-f0f5-5eb1-b944-ff07a5cc452b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-repository 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57721a5e-dbfa-510c-a632-b1faf76f8f32", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60466c9c-1ad7-523e-ac8c-ec559c2a1829", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.2" } ] }