{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9d31345f-6306-5128-9190-a7b0b247508d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-bindings-xml", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e9513094-3f91-5679-8f9d-6bca0fa45eef", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:71ee374f-2c21-5fbd-94c8-c31221123d47", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c891492f-581f-503d-b20f-970f56b6ced8", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4d228e1b-930e-5b44-a697-74a839124cf2", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f170bae7-a06f-5aa7-9993-f377868823c8", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91df5b14-887f-5894-a41c-92c048d980fb", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb1d3131-fc85-5dc1-a1f8-c0a4307540fc", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:10d452b6-908e-53f7-ad83-362aab868ab6", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a32a713b-0c85-5fe3-a7f2-28c94e2270e7", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4485d791-e45f-5e76-9baf-23db61f26932", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:44e8d3d1-d39a-5686-b3e1-6ccfd1a71d3d", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:18dccab5-4f46-5718-b3a2-e84db35c37c5", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:78f053cd-7ee2-537a-826c-51c77828938a", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5c91fb47-849c-53d1-9cfc-79b7fe6f64cc", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b379fa7f-d889-5c2c-917a-30d9aad70a11", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a5234c0a-51d3-5610-941b-69e11e6858a6", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b076247-40b0-5d97-ba25-b6e7523f00d4", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-bindings-xml 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:709af7c9-7bac-5da8-ba7d-df08134668ce", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:11bb850a-de97-5e95-b59e-eb0a7fa159dd", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e9ba92b-ecb9-51c9-ab62-655f55498001", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:89d4b3c3-7c79-5843-81a7-df85d5938cb8", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c753aa4-11e9-5f7a-b99b-52c3bbd8a842", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0db9648-51f0-5622-8c2b-dd3188cf6d90", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:69bf87b0-acdf-5f3b-a36b-6cb2f005c1d0", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ccd3af9-5eeb-527d-9bf8-79845b44d828", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7a7711d7-2459-58eb-89a5-aa26c3900c9f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-bindings-xml 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b03c8b26-ca98-5958-829b-ad332620c741", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:822da395-7f50-5fda-9546-5b40bb57dfac", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76591000-7105-5184-a33a-01165ac5aaa2", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a9585e2a-1490-51d6-a6c2-06981b8f2401", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-bindings-xml 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f088b163-67ca-56ed-8247-fbc60b693b0a", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23fc6fac-9dab-51aa-bec5-40d424642d88", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9ff8eaf1-b6ae-5ce0-a0aa-f69cc300bb53", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:519c29ed-9249-5083-ae5d-80307cff6886", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-bindings-xml." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings-xml@3.5.9.tuxcare.1" } ] }