{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a7b970ab-e4c4-51a4-803c-8f8ecf99e491", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-features-clustering", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bbeb9725-19fa-5be9-987c-276801779ed1", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2d5c04f4-59e1-50e6-8901-70de6d290455", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4f6ba44b-9dd0-5ff2-a6e4-b60801b7b1aa", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6e52a9c9-ddf2-5225-9b48-4e73a0534324", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b03ad4d1-34e6-56b4-8c37-0398a73ff5ff", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2aacdc2c-15cb-5485-8700-0c9743a1185d", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dcea027e-3682-5840-a00b-fde6d19d067a", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bc919fe1-95d7-531b-950f-b652889fedbc", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:be5cedc9-89e3-5592-8dd1-77cd71dae7da", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c80963d7-040c-5ee5-9332-cd43e762be4e", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d010c85c-2554-5df4-a5fe-5b3d23f6b3d9", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d7648d2-bf1f-5d27-81c6-9341bd12ee5c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b01b8979-636a-5d1d-8121-d649923ec2ab", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8af88115-31c8-5834-8abc-07b7ee49b6d6", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8a3f16d9-06ed-5671-9e09-811d27b33fb6", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bb698e8f-82e7-599c-8259-4bc7f5dffe87", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba34d7e7-e9e9-5171-8c99-4f00a8eb0639", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-features-clustering 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7bbf1606-2e85-598d-b3de-1dd2d9bdb8ba", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:625cd7e8-0f1c-50b7-8156-8c1033debddf", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e584d34c-7261-54d6-bb25-e6014be433cd", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:afacac92-b580-50ee-9403-3e38684aed4c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a75af0ee-33ec-58fa-97e7-595e945628cb", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e56b918-0de2-5962-9a41-258c66cd4343", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7614888c-f3c3-5170-99ba-6df2d4856250", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0a9b023-5e5a-5448-9517-2795934497cd", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3c57ae81-6208-5b14-b260-30dc2ba5046b", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-features-clustering 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ed146e3d-55c0-5d05-8241-617ff43388d5", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6cb43d64-a53e-5119-9347-618d13cf998f", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:092f0605-0a06-55fd-91e6-880a14d5d2e7", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3141537e-1bf8-565a-a30e-ea3bba8b534b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-features-clustering 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:fe3e2a3c-bc5a-5727-b1e0-11dd8b182ff4", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f82e9a98-b7d2-527d-af0f-e32882d6b5df", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4c1cbacf-b70e-55e0-adaa-2700700dd19c", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:930eb47b-5ee0-5dd0-a2e2-697913036c63", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-rt-features-clustering." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features-clustering@3.5.9.tuxcare.1" } ] }