{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:abb71137-0bb6-595f-8823-13800428bd91", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-bindings", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:307c460c-20a0-536c-a9c5-055a0ea2a944", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f14f077-76db-5466-942a-0e0922f0c43f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:373d3083-dee8-5e19-a3a4-c2706336918f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:49203f97-fce2-5b51-88b7-b8c1cdd03917", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dbe5585d-e54f-57d6-99d8-607ff9423c53", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fccaceb9-d080-5ae7-9f32-d4e740838129", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:486af3ff-a0eb-5886-9028-1c3938f6b024", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38834c76-b8d7-56ef-98d4-d31ec0378fa5", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7db8edf4-5876-5e8f-9044-e8ae2db3ca01", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:682a1b9d-c4a0-5459-b639-8af5fd332030", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a7a307e-228b-5b57-9853-e588d7523053", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39507544-a5d0-55e1-b4ed-1b6e061435e8", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:01e399ee-942b-54b7-8ca1-06a2a8558ee8", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5dbe5119-4c2b-5fe7-8abb-cfe03fe59dbf", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9271b28-51f5-5730-adf4-646765398c49", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06a2ef3c-6814-5760-a455-c0a0d9e1f1e0", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd5526b7-5a4d-5eae-b0af-be6909a7c486", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ffe4281-8849-5a01-b075-df7ac793765b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c30b053a-d730-50af-84b1-751088be64ce", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1af6bff0-39e0-56a9-810d-75ae13ced9a6", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ef9040a2-3282-5ea5-943f-68c272486b83", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:91fe143e-a8d3-5641-ac9e-e430586f941d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e558399-9423-5ceb-8ae3-9f60f24c4b76", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c398828c-b26e-5b9b-b7bb-828937275974", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7074ef8a-e964-59a0-99aa-c6e570518ed0", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ca069f53-0cbe-5711-8228-32cc7aba7b5d", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-bindings 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb304df0-b978-53aa-ba06-673e8b4428fb", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c2e727c-17ad-5069-b07e-69ab526107cb", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-bindings 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d3641f4-a455-5c30-9f00-95669c7fa04c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c84e8d88-a7ec-56ec-9d6f-a804c465d80f", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-bindings 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21f93eef-cc80-5308-abd5-6db7e366fa9b", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3ab1433-55da-55be-9114-fce760d97061", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.1" } ] }