{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:30e870fd-1596-5479-84f1-0222b1617e4c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-bindings-corba", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b5e7a876-71a4-5f2a-8e46-29f6232516b5", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b49da8d-ae64-5e2a-9cc6-b7595483aeb7", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9e05315-8fe4-5cf4-973b-4455fa453932", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7dc2da7-ca3b-5dd7-9968-3869bf9a689e", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b4c49a7-d58c-57ad-aa02-5dcee0edc9fd", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:594e31c0-88bd-5010-906f-aef81c621388", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:563bf6f8-f8fa-59db-a79b-f828db9e05aa", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92e85ec9-c295-5a0a-8dd2-86e0875e7eb5", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79d22136-8c14-591d-a9fc-fcf8cac5782f", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0d90a94c-7b46-5123-9dee-988a23b20c1d", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0e889603-586a-5a5b-8a9a-3278694dcade", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7f48d503-9d2f-5db8-b70c-7b6f26be4081", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9e10bf8-9322-5edc-af95-e233cbf44f89", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b7b5d247-7301-5cee-a0a8-1c474c36828f", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce70e693-e99b-50d2-b966-2a21ce64bb05", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:469f3c13-24d7-5eeb-8e6d-bdaac7493682", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fcedb439-a7cb-532a-ba55-14801b48d341", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-bindings-corba 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7ac6448-0937-53b9-a3f8-175588d1a19f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:df333e03-8749-5b62-91e2-aa272338f647", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:46949eea-7eee-59da-b54e-61bb35aa1937", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59e4d4f8-ea79-5237-b335-7cd2f8c8ae43", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0da66e0-551d-5328-be0b-096ccbc1eedd", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f0b533a4-a59d-5e5c-9e7c-660f0923b9d6", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e66a726e-54c0-566c-9a08-808c838aebf7", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ab469e4b-6a5f-50f9-9742-4a71a354a86e", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6bd0c67-51f8-5eaf-9430-3feb0f7c508f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-bindings-corba 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3d5ed1d5-3cba-54f4-a245-cd33f2fbc1af", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cfa12856-4c80-5efa-8945-4b51f3ba82cb", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba5a77ae-0e56-5390-bd2e-875de6aefdb7", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1122ac17-7c52-51c7-b0ef-7832d4006f6b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-bindings-corba 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7312129c-1457-53f3-9d65-f94c2347e893", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:235b171a-d7c4-5075-8382-2808d7b94430", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:241d780d-6e73-5d4b-b772-7e2de5bc1395", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:53cafe53-dbff-5349-b624-bd16f4caa1b4", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-corba@3.5.9.tuxcare.1" } ] }