{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:55694ef3-686f-59cf-9db6-aff31ce30eb1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-databinding", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:9ba85821-bc12-5a66-85e5-7494f2d092bb", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7c5c9bb0-28dd-52fb-8027-4eea0da0dbf9", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8de789ea-d7d3-5f06-a992-316b4d1665ab", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:02ddce37-db29-5083-bdd4-990c8cad6e3b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f14f4e74-8ed8-5168-8bc7-b8f4d1b530c9", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2efbbd3a-cc17-5035-ab8b-e8ca026159f0", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:086c59d2-4d8e-5520-bea7-ee5baffb6735", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5ed110ef-8cb8-54a9-b200-1d83a5448d11", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:60435b9a-7811-59ad-b03f-f25e824cff0e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d276d37f-9754-5530-a4d2-4af9c467cb54", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a48220d8-b2bd-50c7-a9eb-7097931d7ced", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2b30561a-d2f9-511c-a187-4cce9c5bdb16", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d5e6dde5-1947-51cd-9bf0-cefe5c415329", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c4836f43-4933-52b0-9c45-69585212504a", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a2530fda-01ec-53a2-b01e-617e235c5f84", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:11b15b3c-254a-54a0-9b12-21d550bd6b7f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fa7765c7-f45d-5d83-99fa-7a37108e21f8", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:170b02b9-c32b-5da7-974f-ce99b9de2a98", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bc5f7898-65a7-5ce8-ab05-9b283e2e98cf", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cd34f3d8-6c13-5549-ab26-5fbe7f582854", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fa548f97-082c-5f32-b5ff-08dd6a37ae4e", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:19733fd2-b76a-5131-8c9b-ee963f4923ce", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b2f4cb94-45a8-56bb-a388-781536bd27cc", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d68db844-a566-5872-811b-27707b1566d4", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:14070210-4977-52cc-8530-d88a44daffcb", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e0904e39-6d57-5159-96a7-0679698fa16e", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-databinding 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2af74b89-7df5-52c8-a115-aa012c369b17", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:25621ad0-1f34-50d1-83a5-b9c006440343", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-databinding 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1bb40fb5-93b1-55b4-b64a-28593426a7c0", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2cbc5c63-5e00-5053-be01-efaebb821783", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-databinding 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:de79ad9f-7d0a-5453-84dd-301799882de1", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:87e84667-ba20-599c-915d-5b60a09c3e95", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.11-tuxcare.5" } ] }