{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:19a63aa4-790f-509e-8f20-4d9e34c5da7d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-features-clustering", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:84eb0a6c-5798-5b52-8fb5-01a63276c493", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4cfa49c8-4bbe-5432-b433-16d93cba1ae4", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:da145807-7395-57e5-b08f-a08ee152f964", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dad56dae-69c0-5e74-b1bd-efea40f7daa0", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ba0bcc61-9d1b-56d1-a8b8-1e2b6d26f08e", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f579ebe1-4432-55cd-b66c-771f8ba33837", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:77d16cbd-2682-5152-abb0-f7199393bccb", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cccecc30-8882-5457-a6af-f7f103b430c9", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e7cface9-3e00-5b06-a9b6-261d60662925", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9acc1994-b6b8-55ee-9b70-c4300b79f571", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bf9be492-218f-5173-8cdf-4ee903c230b0", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1e1442a3-cb3d-5f2a-97b6-acc553ddcaac", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1b5a70c7-efe3-5d8e-a910-738cd3676177", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:881f2f33-229b-530b-87ce-32766addd67b", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3fd0d50f-090c-5747-896e-930875d37201", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2e68b9bb-b572-5dd7-8acd-9171aeac1274", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9244a53d-015f-5263-96b0-2b55028c06a5", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e731b509-8818-5274-a36b-c9962b90fd23", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:28017824-fc9b-5cd4-b6f1-bf26483787bd", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ac98522b-724e-5b29-8801-b8cbff686b7a", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:180a894d-6365-5289-aaaa-00d6eff9636f", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07048765-a465-5071-8360-36100d719954", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dda45179-a3a8-5727-b57e-1bde51a0be18", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e1775f9f-409d-5586-bb5a-652b553865f3", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bb9192f2-25db-5ae0-8f53-f4f8569b7fb9", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bd72abe1-8043-51d6-9cb2-af23127972f1", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-features-clustering 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:593c65ea-5fdf-5c2c-97eb-13f1810af389", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a50260d-fb39-5efa-9c44-be23c8414408", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-features-clustering 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7aa21fe8-b27f-5f04-a1d1-9f3a46b86be4", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:60fe40c4-94f8-5410-b0a3-22e3c6d3778f", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-features-clustering 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:31e9f644-cdbc-52fe-b87b-c27f3cb1a7ce", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b643e99-ddf8-51eb-abfa-f28144c7ad6e", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.11-tuxcare.4" } ] }