{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5472f645-f468-51c7-a6f3-387772c0e082", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-databinding-jaxb", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dbde4709-0b2e-5aad-80d2-45f3a0682232", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4304c81f-2f9a-512e-bfd4-a0a833c63641", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0aa5d83c-e354-546e-9be7-22c1426758da", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d097fcd7-55c1-53d4-9bd7-f29047ac43a4", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bb0042c9-68c8-5d2a-96ee-6c342461eae9", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:00c39151-2182-5a50-9aa4-8b9f28c80108", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f0d4099-6a9a-5014-983a-6b3a62108782", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b496ba4d-492b-5f3c-b60c-8bf71caaca8b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31efd9b3-26eb-5725-adfd-d46faf63655c", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9771926e-3a1d-5259-b0a5-bfb95c0b0633", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9fbd8677-7257-51db-82ed-cd117b283c4e", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:607ebb9e-71b9-5df6-a65a-009189eb0012", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:909ec4e9-aaf5-5dc5-8241-865fc4408322", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f2ffa6a5-a115-5bf3-b9bf-91c8b2bb7436", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d4b35840-b6ce-5987-8c5f-f5447001d7d0", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dfd01d0a-bb5c-55f2-b63b-5911850351bc", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:78f183c4-c011-5269-a628-a5e8b17c8ed1", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f558f6b8-2987-530c-bafb-9d662d437044", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:315fb484-6767-522d-95fc-6075bb5ae219", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b669517d-935b-52e6-bd9d-fe7aa8c061c4", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e7ef426a-b8b8-5286-9e0f-f9d07d72af56", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17b71986-dab5-5ce2-a0eb-e10979c29319", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8869bb0-ae17-5007-94e6-994cc7fca251", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66da1dc3-96a1-54c2-9cea-97076eebf762", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d6b47be-25c9-5989-85b5-724faeeb5814", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:577d8545-60c5-5a3e-b0cd-0e14af08a1f3", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-databinding-jaxb 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:adcd09df-4f70-5eb0-8a7b-0a0e94c6e536", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bfdeb614-e77a-52df-8b56-66221278dc09", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-databinding-jaxb 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c42622ca-ff98-5b90-bca4-1145c074d39b", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef2aac43-871a-5edd-abb8-ae5251f7e919", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-databinding-jaxb 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f364ba97-deef-5aa6-951f-c8f6ac233fe8", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:089b0c84-d047-544e-9ed6-d20c58b60872", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.11-tuxcare.2" } ] }