{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a88c8ece-4b95-5bb2-830b-3ea9a99596bd", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-bindings-corba", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5a99d7db-344d-52da-909f-161cafe212a0", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d5197ca5-b6d3-5adf-b2a3-49b20aa5adba", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:30736a63-440c-5669-acf7-86f45c355e59", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:14234962-5442-5a4c-a495-3caad6ef58fe", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1aade15b-418a-5e44-be64-c915a21c92df", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7adc4709-5170-5af7-9408-70f444234695", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6b35fabd-5947-59c4-af65-c71976f889d8", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f38d19b4-d3aa-587d-9f3a-dcd6408aec4c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ca890be-f703-5dcd-b1ee-7c30ee3865eb", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f3a0bc6b-2ec9-518b-b6bc-c35c493f9d67", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4083f544-9cd5-5052-91d7-be5d6f6834de", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8b7ff4f6-9d99-5bb2-950e-146dddea8094", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a00fc012-893d-5432-9387-5440d3745dac", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6993cdb3-3da9-5761-8f8f-aa7a50327344", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:61b84c91-9e89-5766-a732-a32875286ccd", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:16babc72-7ff6-5df1-b853-de4ca7a38c64", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e285fe29-e15e-58ea-8c99-eddcae994ee6", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-bindings-corba 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6fbc38dd-fdb9-5144-b2b2-bbaa9f80654d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a3753765-64e3-5360-aeef-d5b0efe4781f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ee0b8307-7e0f-5381-81df-f48e5dd250c1", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:434108aa-22ea-52dd-b06a-961a2fdba4c1", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:483b72de-2b60-5879-a761-cc24c983b98b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:af9e4d03-69aa-5e2f-91d0-6026ae49edeb", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f1b49ece-9154-5c22-882b-55f08c7ce0e9", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:de9b764d-c98c-5b76-984d-02022f742bc5", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:08a8c04c-2462-5e37-9181-e212fc3d9db3", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-bindings-corba 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:823a689b-7fa6-5a44-b3b7-8310f443be13", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f7cc59cd-49bc-592e-82c3-912d3b6b79f1", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:85cdcf0e-f192-5365-9c6c-24f752ac0d18", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c8d14e5a-ff25-57a5-83ab-f7033ec6d6f2", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-bindings-corba 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bd31ee6f-eba2-577d-afd0-161f9e162fbd", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2fbe5a9b-3892-5036-a4af-c3fbb4334f0d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:92cfff8a-20bb-5551-ad5f-f2563c196542", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef6c4c67-92a0-5856-9119-1ef7b373d964", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9-tuxcare.4" } ] }