{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:08a7fb89-3e63-5428-8b4c-2159e989440f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-databinding-aegis", "version": "3.5.11-tuxcare.6", "purl": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3acc20d9-9678-5734-ba6c-9a9d3b679d61", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:333f3865-b25d-5c12-8d82-8bc54b096ec6", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ec3314bd-25ff-5683-835e-1b342c6e9e93", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a558f3b1-3847-59b2-8e56-4d1560a74610", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cc359d5d-9def-52d1-988a-43110f913df5", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d7391ec9-99c2-5c2d-b16e-f522379167f8", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a744f1fc-6335-53f8-a162-d6b259582342", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:44ae883a-aef0-5b0f-a548-4873cdf78ed3", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b2081d83-7887-5c22-acb7-80ffdd1fa71d", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c23738b2-e262-5553-9d72-93c803cb4d2c", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7d76d51c-e431-5a8b-b6a0-ca5d4c85a760", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8555de55-e564-5430-9a63-43f2153490a5", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9c895ab9-761b-5a4d-8c8b-9c1258da6b04", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1174365d-6729-52c5-bf11-fc264877bd39", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:eff61bf8-9c44-5655-a310-baa466354ce9", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c6454ced-984e-5d2e-9eb4-935ae1436ab3", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:dc56b599-fbcd-5599-b820-898d81b001f5", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:626da429-e71a-5cab-aba4-c2f32a5976c9", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e3a2d7c5-a448-5761-a59f-0a3acf303f0f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:385eb59f-4e3e-5d0e-bf12-e1977db4ea3b", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7fbbfdbf-95a4-5696-9f3a-d2b3a0348a33", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9e436211-b061-5ab3-9966-2bf9b2fa0e53", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7e6f0b01-87a7-5798-90ba-71b449cb8c42", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9c9f54d3-1fa7-5e52-a0ab-55c2dfc58ebe", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:82c14f1f-9665-5732-9b7b-efa14b87493e", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:51397227-4fb8-58bb-b933-dcca5cc32b86", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-databinding-aegis 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:cdd77ba3-602a-59ec-ab84-006247a614ee", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f18b8264-bac1-58a9-8348-f867273b851d", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-databinding-aegis 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8e680cda-5a4c-5627-8ec4-95fbdbf175d4", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6fe4c898-1ac8-54be-bf83-98329e0b73e9", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-databinding-aegis 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:dae4488d-cc29-5624-86ee-71bfeafb5ed4", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c2233050-29f4-515e-8850-d9a8024391b4", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-databinding-aegis." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-aegis@3.5.11-tuxcare.6" } ] }