{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9a5c1fcb-58aa-57a6-b016-111036fdd554", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-repository", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c814a425-e303-57cf-8e20-4b7afe9c9a95", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f333e93b-defe-5a93-b602-3b5fa6d9e562", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:da26a07b-2f43-53bc-8bac-687c2972e7a4", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:511b5286-71b5-5272-a13d-0545666cc07b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d8fb1767-4442-5cfe-ab1c-dab9c54f5339", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18378425-71b8-5e97-b3c0-9bc2de5a2752", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ff29009-95b9-5cfb-a791-536bd399378b", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fa9394c9-ae35-573f-88d0-dcd1e6ac6728", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0781c45e-3876-5573-8556-cd4afd1163a3", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2e90b551-c798-5a75-9cf0-226390010b2e", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cd893a7e-d3f7-55e3-be5a-468e2db4dde3", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:407bb8d2-11b4-53d7-9182-940febcc7c3f", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af081a43-646c-51d1-af89-8e859ebf0dd9", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0cfab770-51d6-5ab7-9e25-cbab2fc85c97", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8690fdd2-4acd-55df-a214-0bf6a915e6a0", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c0c72284-5d2a-5cc7-bc78-25211967c930", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a9756ca-c3ae-5bc9-9002-2c9dbce64881", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ab26b3ed-79c1-5311-a658-42985229d83b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:afe2ceb1-0126-54b9-af31-025d9a6a461c", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1fa5cbb2-85db-5a6e-a362-c1c3347276e9", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ed194dcd-c7eb-5c42-95a3-1a7565ad69dc", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6d042c45-5d96-50be-a784-c2040dcca791", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c61cb22a-2246-5a42-8f45-69a663efb780", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0cc8f93b-19a2-5cca-816f-50ead1add1ca", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dc9d39c7-f68a-5d0a-95ce-b2568ec3cce6", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6408328f-ddfd-51ce-a958-f593320e32be", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-repository 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a61ae897-55a6-58fe-b6a9-edef8dff138f", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c7711e7-9c50-522b-9f40-31c4af021961", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-repository 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b550287-b84b-50b4-9c29-4f0eaf7147f7", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:201a10c2-8ebb-525c-9f8c-8830e94c2cfc", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-repository 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:588bcae8-4f99-532a-b4b6-685e45990b95", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:38b2b5d5-7bda-5736-9df6-6209668e771c", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.3" } ] }