{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:852eef97-2cdf-57e9-ae6c-6fda50094948", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-databinding", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c7bd3f7e-b88c-583c-b0f5-121cd61c1dc9", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:27f3d5e5-1614-5a2e-8045-9528a7c65fdc", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9e2a8173-0a1b-5b98-b1a0-ff8fcb3e4a58", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:488c1a4e-189d-5d9c-aab9-1d02cf8be557", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4cbe3424-e628-56d2-a9b6-d5a3b7e00d53", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60c01097-93ff-5e9c-819f-86e5ffa0093b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec09964c-4734-536e-97da-84fd2c29cb26", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:47639904-51e6-501c-a191-959f02f50740", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7756947e-382a-5afa-ac80-20d2b4d763bd", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05825ce5-7b33-5b6a-80d8-01362a786dd3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:553f3ebf-1140-589c-8c8f-64cd7a1d4cf9", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b813225-d32b-5b9f-9b14-817c310bfab0", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:145ad725-650e-593a-aa86-f03b296bd2b2", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a927085c-0972-5ce5-a2bd-6c1cbba9d8cc", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13e7da9c-9b3d-5c9e-8792-d7c834665a0d", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f91815c8-c30b-5fbc-9e12-6a25df79fb3e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c51e08b2-a4c5-5582-9af1-a638af7f0f93", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88b2bee2-4e05-5020-bb46-72b3f48d81ac", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:373eb911-00b0-5b08-b57a-05187f6c554d", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba350020-31c1-5f8b-bdef-60e132c6ae8b", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fceb71b7-d0cf-50f1-b8e2-5398f9121c39", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e833c4a-4a10-5707-8ca3-8843fae6cbcf", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a40ef8d8-dc67-5a33-9316-f3c618696239", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:783faf16-4af2-50f9-b4de-ac7b09865444", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f4ca119-841a-5775-beb6-c977b7ee7718", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fb1500e2-84ad-5afc-882f-7dc6ad0ecfbb", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-databinding 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a45372e-a730-5763-b52a-c9ea4c969591", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18a15d4f-f561-56d1-86a4-299e10a879b5", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-databinding 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b921eb18-8dae-5ddc-a941-d9bf07b488e7", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dbf6a547-5115-5a18-b256-dba791fa1bf2", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-databinding 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45a73b42-25cf-547c-ae8d-48445e378fa1", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2c925a24-af12-5ce6-8693-2696ea0c09c1", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.2" } ] }