{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a73ae43f-3504-5046-8ca6-50b91d0060a3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-bindings", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f0238935-a9fe-5ec8-9267-cdd597b62260", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9f11581-4ae5-57bb-ae34-0a4976f4b8c8", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb8a8e27-428e-527e-bfcd-37575f49ea2b", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88f589c0-0527-51f7-b919-d9ff020ce486", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1dcef7f4-c996-504d-9335-7acaf23c094c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef050caa-3b1c-51f8-944c-8ef6af547b71", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7af8f59-a599-5903-81ed-6879f5292c27", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:635ddf75-9e34-54ce-ace6-d3eba60ca6c1", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:168f0e65-48c2-570d-b32f-4f161724b422", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:acd1393e-3e20-50d0-978a-5380b745a092", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:079e258f-5d51-5d39-9671-e492c2280926", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6afb8ab4-6a4e-533f-b586-4e1d4c81eac0", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9cece898-98e7-530e-9c84-b0dbfa396712", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e89c538c-22c0-5ade-85f9-a19fff8f7625", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2b380934-cdd5-5dba-ae27-b15be6953a35", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a2c943b-707a-5566-ab35-1c7ccf23f5bb", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a15695f7-9c4b-5e61-a617-70b6ed62f950", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-bindings 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5887b2f5-47eb-5d19-86e8-cf8350b2b18a", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7ccc1c13-745e-5294-8e45-ec79d45f656b", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b086f41c-9533-57cc-bcfd-a16b038a36cb", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ad44516-fd1b-5d88-9888-14d886279b62", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c1ab1237-9da6-531d-8d8c-71365e9feb1c", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7f259952-2806-5659-a99f-7d9a04a0543a", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7f70c08-9ba1-5e78-9abe-2a50fdee3ef6", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:275affe3-e759-56b9-ae71-97346182e4f0", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:978e7e48-2dde-5a99-9f36-17eb15aef213", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-bindings 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:84041164-fa0d-52f3-94cc-b3a4a29f51d3", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f5b0453b-c10e-57a7-ab3b-1502e71dc3a1", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91d48db7-9358-5073-a23b-d9062003d804", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:057cec81-ac22-5b03-bcc8-468b49494111", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-bindings 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1ce129d1-ced3-5889-bfcc-b4bbe569cf5b", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20fbe9a7-e390-5bf9-a0f5-da0c4673852e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eb67b772-ba40-54ba-8b3b-cf91e9d75d9c", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fc5cdfcc-8ef7-5836-8fbd-5f52ee2883e1", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.2" } ] }