{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a8d61ccf-edc9-5ad0-b00d-befc0da3622f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-bindings", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:84882b6b-9566-51fb-89bc-818298de4164", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af0fa189-ba00-551a-8661-86d9805f5224", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce46a084-6b99-5af2-893a-99e5e70ef10d", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ee42d08-6245-590b-9906-f551a7da5f66", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc1dd1bb-875d-55e6-ad98-db83d3a4989e", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aa29a48e-5ae6-5c3a-85e0-d503f5f23522", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:55810b97-2b6d-5ee2-9619-8f85f1cab34b", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9ea5761b-9d7f-5908-85df-83b7d16ef89f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:46a712ca-c46e-5e0d-a0fa-95744633edc8", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b02d7ad-1045-535c-91f1-429b85cc2ac3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18929ee9-db2f-530f-ba73-e77e7438114e", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:60cfbcc8-f9e4-5db4-a54c-a7acd64d3dc9", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c6f2dfee-2e0a-564c-82e6-605dde1f4021", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:75e67531-99f7-5017-9014-3afa9585b736", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:50b34568-70f4-5a9e-91f4-11acacd95499", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a18562c9-ea66-5f76-bb7c-127a253cc5c0", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b279ea17-a3a3-59fb-a86e-7382565a5564", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-bindings 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:72ceb55f-830b-59f4-bf7e-5c1671e82e16", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b15cac61-c7c7-5a46-bef6-d8edd61c0918", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba140c69-f5b4-549a-bee9-d9a6c5eebb46", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1257fc75-2d77-5a80-8e56-f8df409af158", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:894c12f2-e01a-5a12-b382-fb61f5ea43e9", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c4329b25-d89b-581e-b92c-ab37b6a51f58", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2b7287a2-5982-5392-9179-8c99224e6161", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:02bba183-1eeb-503a-83aa-598c1a990ac8", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20678e86-7fd5-568d-bc1f-3a833a34f342", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-bindings 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4dd5be56-0cd0-5e0b-b791-7362808b7248", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7f35bcd5-b021-5524-98d7-627c96403e05", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4228e5d3-7011-515a-8db5-5dee0d5ab4cd", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ebe66711-9e00-5eb7-aeec-61e8926a3c8a", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-bindings 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ffc6d96d-e6c8-5f30-871a-a68056d6aecb", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d8b2dc19-476d-53d6-8dc2-2b9c8a824954", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e04f6c30-9ab3-55af-ae8f-aaeafecfcaa7", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ae44be4f-6bfb-5ccf-ab8a-d1aea8940d5b", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.3" } ] }