{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f0975e15-ca51-5d98-8913-f461fb68441a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-features", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:97984183-4332-5557-9517-8da4822543bc", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c08dd529-f081-56bd-b1fd-08c6bba5cec1", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b1e9ad1e-fc54-5374-a709-88866b1b04a7", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e7b2f4f4-2e3b-5afa-9682-82c3a4727f8b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:37500ca6-bf90-5ec0-abe2-fd63a7dfec00", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:01495675-05c4-545d-8caa-2971342eca69", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cdc98d73-a584-52b3-a7a0-c10522aff711", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8f553a48-b728-5915-b82b-4c569f4d8849", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d9a9dee7-9240-5ab6-b3fa-eae86b32b133", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a9d79ae9-0b02-5531-b3ab-7b714fb0fad1", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a8a10dc0-a34b-5e86-96e7-f5df72cc4a99", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ca9b3e72-25ad-5f4c-a853-9c6a0c7f219c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f91ce06a-7850-579b-b781-e3b9880e79ca", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed0ccec4-4247-5de4-8334-618d20662d8e", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b8c219b-f962-5602-818c-44a9bf82267f", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0a14e87a-2300-590b-b431-e11670dec4f4", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:da9a336e-02ff-5bd0-8604-57d0f4e8a0a8", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:39effc65-93cd-5f56-9c9b-497e08bef683", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b79cc43e-2c88-57a5-b928-302db653d3ee", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d039de43-67bb-57de-9c46-4194f364de0c", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:869da331-ea2d-524a-a5e7-e9137d2cc434", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e5603936-9606-52ac-bb1a-ccfc6dedee9d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f00dcd42-fcd4-5fb0-ac42-d216722b2fc4", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:80d7334b-3234-5ed2-91b7-8d283d83b752", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5d33472f-6358-5eab-8424-622ac65be8bd", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8d5eaa79-fc68-5651-9ebd-a70ea6f14db7", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-features 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26eafac9-2a97-5965-a261-bb8d81f3552a", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:16e1ea80-b6f5-5449-bb28-31b5ce735e81", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-features 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cd3aa7e7-c827-58dd-9d37-e3d47f2a8b46", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a2b97e79-9039-539c-abc7-9a6cd8b15ad3", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-features 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:718c7c02-d596-5a77-a161-050d5a57ec6d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b33267a1-e990-5c7b-8501-c670c73ea3ec", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.4" } ] }