{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2d2e973a-f077-50b3-92a0-1955e0d24d2e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-databinding", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:25f00a6c-cd0a-5e01-b0c9-d061b3f4032a", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bceded5e-fb58-5fe8-84e2-69f398d640dd", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:988b01aa-7112-55f9-b04d-ec7bc2e22cc9", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:25775103-1a2a-5abe-8c0c-db3dffb0430c", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4e0eac5-12c7-5a0d-bf54-8c4212cf2c62", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d5a2822-e559-5653-96af-437ff05b66eb", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6a76513c-8888-577e-8656-78363b9e9024", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce497b6b-2c68-5213-b38a-749c53bea305", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8ee67b88-1350-5e77-b43c-fac8b742edbe", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aead5934-eb84-503e-a9c5-56f00f81bbb7", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:36909530-fead-55dc-a425-91ab2600ac6c", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:613f0494-cf82-5374-a28f-55c00954846c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dd0660d2-49c3-5923-84df-6bb7a5d805cd", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:da37d59b-4d9c-51fc-8ba7-e3386395db00", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5993b563-fdfa-5191-b260-838b1a8caa4a", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2ddedbdc-33c0-5b90-b03b-be2ebc0dac64", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59730ae6-23a2-5b86-87d9-9df5cec646ac", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ec06a5f-b4dd-5a50-bd03-9bb31b26d678", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3479cb79-4824-5f21-9a78-a1b994fc39ab", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b124ed89-1bba-59fd-b7fb-8284e5cd8536", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:73c10551-a194-5173-a51b-c20a50f4c306", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cd64c355-baf1-5308-8327-ebd8ecbeba5f", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c31e2aa3-7d2a-505f-9eb7-d9e3380189bd", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:38ffa710-4208-54d4-9806-b2a2c7770c52", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f322dd86-e34b-54d1-96d7-c299657fd16b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6504fee9-2b7c-58f3-8b6b-eaa5cf4df430", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-databinding 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2f59064f-893c-5ca9-890f-2a61c94335ba", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85a135c9-dc70-5c53-99f5-55c6a09ba726", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-databinding 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2dc0bf0-e561-5f40-a638-8692f0e673ce", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:defa853d-16c8-536b-ba4c-63a130ae17d3", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-databinding 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ac339526-ade1-5724-831f-ac2e5736a727", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4e4d5f0-ee65-5218-8502-f6adb7344c99", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.1" } ] }