{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1b89a459-cd0a-554e-bc84-225c03815508", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-bindings-xml", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:eb78ecf9-e7b2-508b-a0cd-281b00935825", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ede6aae-9769-5cf3-b796-75d8e678adda", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d14f903e-a6b8-50cf-af22-691eb740bb95", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb008a16-b4f2-5ef2-a662-b18c834ea467", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d67cf986-c4b7-5572-b05f-0775bf818cfe", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:377313c9-e119-561e-b037-66fc09d80e08", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:839d015e-11d6-5235-93e1-9e39e2395d2d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7cdb7b15-1748-5590-a939-08683e646771", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:032029d7-e944-5104-917b-b81a33246521", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb4bf94d-d70b-5c7d-919a-bb34926c1744", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b3f8891b-7baf-5764-8c41-1584db03564e", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbece18e-75a4-5f48-8dd8-8602c046022e", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94247a4a-11ac-5705-baf0-4af59f832ee9", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8fad51f6-4c60-5632-b710-774d0fcd1c21", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1bc470f4-06d9-5fc3-8413-8e69f293835d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a34eae1-f904-54e8-b518-aaa9001dae0b", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8c9a8b5-5192-5250-b61e-5d7c07c9f4e0", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-bindings-xml 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d79b173a-3cf4-5fe5-899c-ad0ad34c66dd", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7b8f9ae2-0700-5723-b711-43eca3411ac5", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c69fd54f-78be-5745-8785-8db371732e8a", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:518cd3ca-caef-5054-97e0-7ca7966fdc2c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a2aa4cac-8f70-5e49-88fa-26b91ce7ebdd", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ff4a123-7217-5838-b909-a0943cf64634", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bacc0c7a-e2bb-5452-ac87-747c44f58d1e", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d745d9fe-d21c-5147-b39c-a589df38ff14", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66e80ffb-efb5-5bcd-86e8-29482aac7332", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-bindings-xml 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1c398c53-7c5a-507f-a20b-628dfb8f467f", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94cefa9a-3b09-5e2e-ba8f-b898006af5a0", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e64ba858-b9bd-5d49-b701-ad85fc89f49b", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06a5f7b7-3e4e-5cfc-a474-51a41d10a4ee", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-bindings-xml 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57a374a1-d819-50c0-83bf-2b1430001451", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f6d1c728-67e9-50f9-bcfb-98050a148fb9", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:030a098e-0cde-5a3a-94ce-9ea744ab22e0", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a98c7a2d-38a7-54d9-af72-dc3bb288692f", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.2" } ] }