{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ab9d8589-eb34-5f65-9401-3182af8b17c2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-databinding-aegis", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9a3bad2c-604b-5d58-a760-179c8bf9b8a4", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c9ad3797-7f7f-5665-b2b6-eefc94a1ac7f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:62c3be58-34ea-5f76-ae26-acbbfca20f9f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b8043c94-6ea1-54f3-9961-3813103e21c6", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9024f43a-cb07-5bfc-bdd9-fae835a66e99", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6f1e8b97-d58f-568c-9e06-251cb632c008", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:525c2fb0-eff8-52db-9ade-e469aba95f21", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cbfde6b1-14b0-5500-91f6-209892ab4a94", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3df8d134-c019-502e-859b-f120ebca0310", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f649f736-16a8-5d7d-bfea-02306e0b633f", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5ba39240-1585-50a5-a4a7-6acd579208a6", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4b1bcbdd-2add-5a18-831a-ec50466fc560", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f8689343-b020-563e-88b0-ef980badb9f8", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d64e0af-a70c-5d92-8f23-51dbf09b42f0", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0822ea32-34e1-5667-ac65-de9744ddf2d4", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0f812312-1f0b-5d93-8a76-ea62868d0658", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8f5e1fc0-cf57-55ff-8109-287d5c23beb9", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b25b50d4-d35a-5eec-ac75-df374f4a006d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5e07d133-054a-5d5b-866b-a09d7d0ca16d", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0bef5872-947d-5891-990e-76097d1f7ab0", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f5e23a4d-3222-586a-a59e-26c8436e2a48", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:05a8dbdc-ff7d-5d7a-a442-970d82715199", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:27f46690-5ae4-5042-9c5a-1d48ec2860db", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:22d44071-af3a-519b-8127-a7390bc4c001", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:78c177c9-8d74-5eca-b7ef-76496a16f30a", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bf1da907-3c41-5c79-ba2b-c62edbaa84fb", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-databinding-aegis 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a92cddbb-39c9-5136-97df-0f4343ffc338", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:687380cc-4e18-55f0-82ca-c4b378fe8d68", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-databinding-aegis 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a6827fd5-a358-51d9-8f93-e14838ab2e9d", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:99375bbb-9929-581b-88a3-2f855ce0734d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-databinding-aegis 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d89d0262-aca2-5a22-af21-ae78a391edb6", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:31a865d5-a207-5b2d-a2d2-1617997da369", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.5" } ] }