{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7a406989-1468-5e9c-93f9-fd37281db2eb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-features", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dc91b263-fdb2-5142-9f5e-d889eefc55f1", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7a028219-2ea1-51b2-bc41-46e5b0af3d91", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c4daaa32-5834-5297-b392-78cf7786d447", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:737d84c5-b753-5bd6-8b20-6654696f1074", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d8d0b573-a3da-5bec-b0e5-cf6067de2489", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:53d3c4ef-71c1-5eec-84c1-f313412a7019", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8290c728-f3cf-5230-b8ab-c69f1993c61f", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:59ec50b5-d470-5551-b154-fe67cf6c2db2", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5ce797e6-2ec1-531f-970c-ac4d419361cc", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:78697e80-b8d6-589c-9077-85dd156004e5", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c6a51113-04cf-59d4-8c09-a89defcfc4ed", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:652f206b-ff3a-5bc5-af92-050b5a2c6320", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7d6da166-7664-5ed6-9556-eaa41562df43", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:232841b6-1601-5e74-957c-46a313722fff", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:061a6591-1ecf-583c-b35a-16d26b8d3c99", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d920f11d-1808-5f46-aaa4-b0465c5b9f80", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a58bfc72-33fc-5b9d-9ec6-e237a88123ab", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1a56f873-8498-5219-9fbd-6442d8ab3313", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1e303560-dcc7-5c96-a280-825f1a86fe73", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:43be6060-683f-5907-a439-cbb56520113e", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7daf85b9-9079-57f2-b2c3-6adcd95a7016", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3664dade-d777-51ef-8c61-ce20b067dc86", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:addd0a01-60e4-56aa-ba62-4dcd8344ce77", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:972ef426-5353-5f5d-9f79-f9749038166e", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:62db1d76-b62f-5ea0-95cb-88d34d0b0bb4", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:21aef29d-0bf8-5ec8-aab1-90ebbba706d5", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-features 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a257ce5c-6235-5c1a-9f4a-153ad825ac2a", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:27ae7737-a1be-569f-b20c-435cc7019f7c", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-features 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b25871c7-0c5f-5577-be2e-981832e9b278", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b1477a74-5a95-51d9-8cf7-93850eb7cb15", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-features 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c4d7931d-acca-5837-b79d-92a68663123f", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5db65fd5-8b05-53b2-872b-e16d814ea5fc", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.11-tuxcare.5" } ] }