{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:14a433b8-a717-5a0f-be8b-743850662c54", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-repository", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3af846d7-a423-59d2-a9f9-fff943398555", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b987c58-cfb2-5f82-b910-ef5eb72b1b9a", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3b431d26-3397-588e-b4ab-148c86e9c084", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d781eeb-9f1a-5030-acad-e9a365234384", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4587825d-c365-53c2-b4af-30dbcb6d920c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e31e5de2-a068-559e-ad3f-e66e8cc1211d", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3bfdd59b-acbb-5ab7-9908-0f2d8a3dfedb", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:399d46be-c95a-5380-b3e3-31299a2a08a9", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6249ffe2-73cd-53cd-92fc-8cee6a5d36af", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b16b2ad9-ea49-5e4a-ab44-6cb6812d3f34", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c4ba63bd-ee0e-55de-a2db-59687c713b7e", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:abfc6354-6323-5f87-81b1-9b21d4b37c85", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c6efdcc3-e515-5be8-9b97-15617575daa1", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:79bd8ec5-1dfd-5303-ba37-4df43bf0e692", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cd1a8024-80ed-56ae-9db3-f160be647894", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b5fc7afd-1d8a-5c94-a406-cd54d3ca65a8", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:63fcce9e-5963-5a7f-bfc7-1c187c890567", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cff4daf0-010b-5e37-9969-fa75d80a2cf3", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0649c478-3384-500c-91b0-e45b2f72a059", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bc78d82f-3396-5dfc-b64a-5db73fd973e5", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:77cfd137-0494-52e3-8155-6efdf96fe9d2", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7be8dde3-5606-53f0-9aab-18385bf22ba3", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:892f415d-1bb3-5294-9fba-f54c3e5e7a91", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7c334eee-0952-5662-a742-6cd1c68cf7d4", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:acd80899-f4cd-5932-b59b-1d06996ae81b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cc6fdfc6-2d59-5636-810f-2cc1cbd47b8c", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-repository 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:453ba1d4-52c6-5737-b6ed-501bbbc6568b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7f058f70-59e5-5f0f-aa38-0a71cb4dfa91", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-repository 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b3e2ec24-0e2b-57dd-a8aa-d9dc857f550c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ad3fa2ab-9c29-56c0-a97e-3bce5d9b4797", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-repository 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b70d90dc-3577-5274-9dc5-0a38ff5f24ee", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07bcc497-06e5-5fac-bafb-df22a38f8254", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.4" } ] }