{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a6444284-2b24-5fde-96c5-673db6e2e05c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6", "type": "library", "group": "org.apache.cxf", "name": "cxf-repository", "version": "3.5.11-tuxcare.6", "purl": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fe572f61-5593-58ca-bb19-7b75fbaf2975", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cb021fb2-647c-5231-87d7-cd031fed9c43", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:761902a3-79a7-517c-b8d3-7512a040d55d", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a65f4e90-489f-5ca6-891a-9bc95e023869", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7833e043-d2d4-50fe-9485-7a1304c5c715", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:eda0fb45-513c-5554-a2c0-9e12a1f3a949", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cb13e93d-6447-50e5-bf3c-3bbc09803392", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b5589e5f-a8fd-5cb2-af6f-431ccac24257", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8b63fc58-90ec-520e-9cc5-e9313dd376b4", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:90572f66-5239-5d87-9f07-5410da4211b6", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0f1823b4-ebc1-532e-86ab-8de3a7ce88f6", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:70e6334e-1da9-5d10-a61e-95a7178c33f5", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:977ccab4-49f8-5c36-a8b8-71d4f3940e57", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7bde8275-6b60-5e69-a406-00a26d1285fb", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:96be9ba6-7b35-5abf-9f80-5a1b6426cc91", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f91fa26c-7d47-5a6c-9904-d5bcdf32c803", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:31033f80-d780-53af-8a1c-ea7746c9ff72", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:782481ec-7fc9-50d8-a4c9-5311c22a38f2", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:91b19223-35a2-5ac5-8b1c-be445427cdda", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:334fb24e-7b95-5e4a-a1ef-820f52ebef87", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:09f48869-cfae-5797-a71f-ffebfe9ae680", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1967e4ce-441f-50d6-8b53-6d8c55a1d3a9", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b5461810-4953-566c-a7fc-ea721cf43374", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f408e7e6-51be-51d6-9b73-1eb338d26af5", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:54834b05-5dd4-51d4-b49b-9495cc0653cd", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:268e2860-3f0a-5590-b9e3-bf0cf913045f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-repository 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:be29d9a5-0ecc-56be-8b12-b0139eeedffa", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:42da607e-d7a8-54d5-b599-140337731469", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-repository 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7d470bba-8fc1-5191-a554-bb3537cdf5c3", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e32fa38e-2d96-5b39-8cc5-329572287b76", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-repository 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cf7ba6fc-012f-581c-afbb-721dc0e0d4fa", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4fa90c62-9fe1-50e4-964c-0928c9817560", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-repository." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-repository@3.5.11-tuxcare.6" } ] }