{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b8c76c43-e3d3-564e-9cc3-73f5296e3804", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-databinding-jaxb", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8affcbd2-c688-5749-accd-7ebb417a5588", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d860c07f-c32d-51c7-842e-a22c5424ae7c", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d80bf531-b385-5922-b1b9-da5bf2bb03f0", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:444af680-72c1-51a4-8b89-3b57fcacf041", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3e922189-87c2-5b83-b920-76af2143d972", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:223099ac-d40b-5170-ae23-6359b8dd0b05", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ec2c948-90c5-5b6c-85b3-d8818be860c6", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:de54f7d9-90eb-5f7e-b18f-9bdd8134f344", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af368edb-504f-5fdb-b965-647219f4bd8d", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b352703f-e59e-5af8-9b99-cbd31afafd3a", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ce8f4150-d13b-585e-b15d-9581a041e9ca", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b99ea39-0584-5ec1-a853-fec4b1f15d9c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0b64bea-8335-5b71-bf50-9a6c9874d4f3", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:566e29ba-adb6-5b9f-ac5e-1c42b30fb226", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6279c381-9a2e-591a-9da2-037fda109e55", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a12fe37d-8813-502f-b0e8-a83e66e822cd", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bce178ce-02ae-57f7-be17-4bcb29c1875e", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-databinding-jaxb 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2ab4dd1-c8fb-5738-b90a-6030c7ce4853", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8d6b853-975c-5289-9f7b-c57bf030ae99", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09740bc0-7369-5d89-b3b5-d932446a419f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5af66e5d-0422-5dbe-a8bf-39744f75fc27", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f01365cf-21e8-5236-893b-55c94a546efb", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b3ef436b-edf5-5bea-92be-a2afa32ab8b9", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff03bec0-c647-5438-921f-02034ff48265", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f59367f6-fb80-5fdf-a2b2-b1c309ad9439", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:383ab102-c63b-5302-9fa4-c8c8c0d21ad5", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-databinding-jaxb 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04052364-3215-5f03-92ee-b08123199d57", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:58676593-4a3f-5cc5-a7ce-a7ee9a776dee", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d06f5a9e-617c-5b17-aa08-98cd593b1613", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:69d9773e-cc63-55b3-8b31-43772951d326", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-databinding-jaxb 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04d891b3-22c4-5204-a5e8-14b7af1c7ac2", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c7e99f75-bc91-5d84-8aa3-70c819f9c5f3", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a74be4c7-61a1-5da1-8ad0-b8e014216bb8", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7c71e872-f7c8-5071-a8bf-e377ad455725", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-databinding-jaxb." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding-jaxb@3.5.9-tuxcare.3" } ] }