{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:875fa49d-d1a9-518f-8b17-593392db150b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-features", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a1515c1b-ee13-5425-b356-b4ec28431029", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:62080609-5ffa-5daf-bcad-47cca26f29bc", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c5dc9870-cc3a-5110-977e-7b6a0fb964e2", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:23e85cad-57de-5274-86ba-826a5fc1c61f", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31a49e1a-0ea5-515e-aa76-bae01d5578e4", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cfc38c3c-3d4f-5f29-96d9-227ec2d15fc6", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4475e611-6531-51bd-b934-e23a8a76bb0c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cc1e9fd3-ca56-52c5-9218-db9e764e132c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb3688f3-7c76-5bbb-a5c6-81a82f0610bb", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c5f487e-09a0-5b90-8f8a-20216139ac92", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eb69fcb7-288f-5f5c-8011-1a084d4f0219", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b6be3599-9fd0-5710-832a-374cb8de44b8", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea3ada9d-b86a-5b28-8a27-2cdeef6930d8", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:18ff6ed2-70e9-5470-bd4e-fd252657e2f3", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4ee14415-a646-59ab-b570-fa22eb2e690b", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e7a04d3a-7a6c-5774-a60e-0193c7f57f92", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:716ec32f-a95f-53ed-9d7b-4ed97df70de1", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e209bc90-82e2-58b9-90e5-958547a0f39e", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80ae74cc-0ba8-50e3-b751-e02abbb59eb0", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:66a0dff2-87f1-5e60-8218-dbe7708ae452", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:45c6ba99-5d6a-547a-b758-470ed715c346", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ff77447-cc71-5bfb-868d-cac0211f462a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6f696af2-c7a9-5098-91e5-3a178ad2378b", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:330160a2-2eb9-51c1-89da-d9a5e136d0de", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a77658ad-ff5b-5095-9df0-751790baa69c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b521ec81-32c8-523e-95ef-6cc2712f4d25", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-features 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fcc8b9e0-d646-504f-b6de-b10fdd04ed12", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a21be1b-d89f-5a8b-8f5f-d824cb648519", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-features 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:51b2aeff-14cf-5ec6-97e3-938c78b50cab", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:42671256-9911-591f-99d0-e6865316cf0b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-features 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f33fcbf-ab1f-5e40-b298-17573ab4aee7", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a05168f9-c3d1-5d43-adc7-164e7f0cedf1", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.3" } ] }