{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:aea07bf3-c8f6-58c3-b724-6386cb977023", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-features-clustering", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fee74c8b-db29-5184-a402-94652e996231", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:57702dcf-6859-5857-83be-62b0354fd385", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:baf57a92-812f-51ac-a463-a90116dfd1ba", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2debb34a-84b8-5e1b-9c99-24402ab95e9a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e7a78f44-5b0a-50a2-adfe-80fb1c57a32c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5da3d917-cddb-5f2b-be14-4853e5df5852", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cc105b63-d322-53b6-9470-5425525aa13c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:59bd6bf4-392d-50a4-9a85-ce2df57bc34a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c15088bc-f68d-59ab-b1c9-2c312ef21d37", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5afe647-e93b-563b-aa3b-dc1f556c72bf", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b036729c-b864-5dee-b6b7-5dffd18cf383", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:983ba1ff-2817-5b5f-ab6a-c88c8ba46e46", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f4106d0-57fa-5653-b19b-ffeaf0168470", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:23aa2ff2-d7c6-5c02-8870-c925d70de31d", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bdab26fd-42a6-5ec4-95a2-623eb5afc07c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f7137a2-0c00-577e-9fe4-c699abc76ebf", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cff3a43d-4e5e-5b2f-9715-047877c7f4a9", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95f252f2-750a-52c3-b11d-cf2b7a6767c1", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0ae4b4e0-c300-5b5e-ba72-47b412a453a8", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7da9380-4075-5586-8177-c77a984de872", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:12e42fd3-f671-599a-b9b5-90c2a53f108f", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:890b4b21-e8da-5929-a223-21bb43f067f4", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b9dcb52e-c50c-55d7-9931-e40f314301c5", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e4f14f0c-326b-5aa8-988c-e2ed6585b557", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7717d7ee-98ab-5de8-b719-5c774105fe1f", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:faa8b619-767a-562c-9f30-ccc336802007", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-features-clustering 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2fb8c6e-116a-5a52-a697-ac56e4dcaf4e", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:56039421-2eda-5198-8ee2-260c9f568b58", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-features-clustering 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:374e417e-2528-5fee-b8fa-a7e869b7f592", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c2ef8ccb-6256-5828-9e15-077fd17b7c7f", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-features-clustering 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35d08be3-ac6a-5f1c-a972-e27db2829bd0", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3fc5f2e1-b560-53b4-bc28-d7a6b3779627", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.1" } ] }