{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:312b2888-c644-59cd-84fe-2eb8b7d0cb32", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-bindings-xml", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:35120a41-0140-5372-90dc-ee06523b6790", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ad32e675-3c7f-5360-84e5-af319d01c736", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0ae030c0-77a5-5799-8a68-a1e9826eb112", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d714407-874f-5388-8ed9-13d10a3b8743", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d6129910-8fae-5ff9-8b7f-853f5371b66a", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:62f660d6-a85f-542e-ab55-d3b32ac1c01a", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:016080d5-ca74-5703-83a9-8951b0a5eec8", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:854a7387-8afb-5360-a91d-3dfd2da7c953", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5e1427b7-3b78-5624-9777-98879156e376", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0d55fe1f-5d38-5052-9f23-42ecec656461", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:647aaa23-6f12-5f6d-9310-2495dc7089de", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2df215cd-5358-59ad-bf7c-64f19972b33e", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:15ccd760-6bf5-5988-a0bc-d1ce90eb2450", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bb28e42a-885a-5c15-9c04-108a799d289c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91b969c1-71fe-5aa2-8409-3ecab7761d7e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:50067cf6-e578-5904-9702-f0a530ce3e9f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ba7eec3a-006a-58f4-b8a0-d8dad5f3af50", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-bindings-xml 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8659e89b-92bc-5572-801a-c209889c76d9", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:85a05dfd-c40f-5522-a6b0-d4fa3a462b13", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:08f337e2-27be-58f9-963c-27a94611f06f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3fea5a35-5135-58b2-a11b-9b6e3ae487da", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e33339d8-e7d6-5060-88d5-7859b9ec0006", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0c8ae94a-494e-50fc-b364-0977d2236365", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:53cc8fcf-228b-5c22-aaad-ab78ef3300ad", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6cada21f-325c-5702-85f2-c30645a5eccb", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6c8af522-3476-50c5-95dd-62b9558df682", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-bindings-xml 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9aef0baa-25fc-5fae-8c07-5424511b0453", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:008af96d-f8c1-591f-8b51-06e1253481c7", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fa8c08ed-b3d4-5cf1-a4b2-62d142d33d9e", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:65829149-129c-5a73-a641-ab10de4190e9", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-bindings-xml 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:64155dc0-9c91-5dae-9edc-937a93d90b6e", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9b54ceb0-f9b9-57c0-8de3-a7c502de02b5", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9c6b726d-c752-51d3-bbb6-c6d6a7bb032b", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:525f69d9-7b4d-52cc-9b70-113dbd0f5cf9", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9-tuxcare.4" } ] }