{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bb343ed7-787e-5c37-beae-78189de7f86f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-bindings", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a1395697-0c69-5e7d-b3cf-fae9c4315c86", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cd6b615e-aed7-56be-a3af-34519d22bb44", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07d4c899-0e03-55dd-b8c3-6a0b7824b23d", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ede75192-6bc4-5685-8ac1-b241122e80eb", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8994d694-5ca3-58a2-a59e-41fe10389577", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9ef287f9-8d2f-5b45-b2d8-d5daae1a6bdc", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3d243b17-2019-5cbe-a6b5-e4ebdc9a0869", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b9fb4c5-193f-57d0-8f9e-72525c6e5299", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d16ca96-5e52-594d-98bd-dfb4bb49ebf6", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:10caeb65-ae9f-511e-bfa3-63292ce66869", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff6918ae-5ff2-5e2c-b4ab-15a560302a99", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b6cce72-d116-57b9-9968-d0744417ac70", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b9af7aa1-ca7b-54e3-8497-88107b097f3c", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:607f3ecc-999a-57f0-b475-ef29a3710681", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5f3ed6b2-fe23-5c72-ba6d-13f3958b83d7", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:29ffe5aa-ebd2-5d56-9571-1c2d4621965f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2d2a16fa-2c43-57f8-9021-342c142b9ac0", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-bindings 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a27a03de-c26c-5484-9950-4238adf4ae3d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a01c3e6-d856-5358-b078-ae55dc365727", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b65775cb-99f0-5cb4-8ce2-322ebbf16da7", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07d9bb6f-a255-5be7-a86f-eedb0f3c5f71", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:57b0634a-3411-54d5-8438-edcc71154334", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d1943bda-ba13-5ec9-8602-15c063e5f62e", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:74634d53-a507-5881-a03d-fb8a2d62e673", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:740de2c1-5c08-53dd-bd20-f7dac6d742c2", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:161d1c0e-568a-51dc-8b7b-819095cb13d4", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-bindings 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:032954b0-4b83-5869-b433-4e6ec1e9afbf", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ba5583a4-c48b-566c-a61e-fc2d94fe1454", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:602071d6-d7e8-5147-8c65-6ddc56e74526", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:182d3adb-f8fa-533a-a95d-84362591ac6e", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-bindings 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a4a6afaf-43ea-5023-8a7d-2917e4755e37", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e69cd10d-d4b4-5fd9-a633-1eaf3ab30d2f", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e86a289c-8688-5435-9b42-a8cabfc4f278", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:353bb34a-9516-558e-b6ba-0112fd17f655", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-bindings." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-bindings@3.5.9-tuxcare.4" } ] }