{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:36d01d9c-d1ae-575d-8fb4-222e6797638e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-bindings", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c08cbb3a-a24a-5889-86e4-f18bb29341c8", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:99859eda-8ada-5df4-b411-c91670f9a953", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f616c4a5-75e8-5592-8132-0e57a5476095", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1d3b2741-06ed-557e-8245-53031133ed0f", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75c23449-63d7-52e3-8e34-9826a2167222", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:058de707-d954-54f7-b71d-2e7b0acf2cff", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dbefcf74-6582-5de5-8966-e1963c9648d2", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:df45f11e-4a8a-5fa7-bea2-5295f892e1b4", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9759a993-6aeb-55bd-9131-cc1f657a34b6", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54aac175-8d37-51bf-99c9-d7acd9379d1e", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f26f8984-afc5-5a9e-a152-58a1b2fa7338", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09985ca6-6185-55c2-ab8f-01aec392b94e", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8a25932e-bc8a-5b74-b128-54a9bc2c9f6d", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80198760-df19-5efb-b222-f9b292282ed9", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1d638f1a-590f-5f30-9b3d-0180bd235424", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:36405a6d-d52f-5725-a354-ceb92b0df484", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e53696a6-0299-5d26-9a55-2814622d7bd0", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:caddbbfc-2b1d-5494-9652-d534c709ab5c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:301f68d3-0995-577d-be12-fd9c5b192298", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0d8b40b-860e-5992-b772-8f129c0d0790", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a820bf9-84db-5cb5-83a4-440843ef3853", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e04f3106-fac1-5831-86f2-bea6e8a21152", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aab10282-9829-5971-a9fe-53d6c46a62f9", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ddcb182-276d-5ed1-8cb6-e6a05be7c4fb", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8394029b-ef66-56ab-ac9f-6434af98f56d", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5ccabeeb-1eeb-5670-ad43-2815ec04b5e2", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-bindings 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7fbc4c55-f1a1-5f99-9977-b1874aa6de46", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4e9ad1cd-868a-5ab0-b3c8-5d3f5c1afb53", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-bindings 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5a5ef8ad-9d61-5646-971c-63d11c255c2b", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:88e5000e-0917-598a-b98f-9e537d8dc44c", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-bindings 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:264d9c66-56d4-54ac-8273-9fc2b8283ff8", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f55bb7a0-bea4-5563-951a-9b58f62f6dbf", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.11-tuxcare.3" } ] }