{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0a37bdb9-c37b-5bc8-9621-396193f93cf2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-features", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ab837c42-eb60-5736-baaf-a8680f6d831a", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7744fe33-946e-5800-8bb7-b925dc0497b7", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:37a53ec9-bd39-59d6-87e4-5682c561150c", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a43a3e2d-a94f-59f6-b7a8-f57a4c42625d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6cb06f71-9b3e-50c8-9580-8f85e4b407e5", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b35b0368-6aa4-59d9-9249-fed468604802", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:78a0a6bb-5551-5ca8-890b-bab854c66e1d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5384e0bc-e3fa-5456-8490-bc474f760c3b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:181b362d-3823-588b-b5ec-1922e6384b4b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:66956ded-81bc-560b-ba38-2dbcc95c0111", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:96bd45c0-5ec9-57c2-8612-5baa7b8f7ec9", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:59dc045b-ebc8-5406-835f-6fda9efa6a2e", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eea54500-5636-5fe2-8187-ed5b11d5e9d7", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25f6e705-c751-51d7-9b69-79624692a4a9", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:beb147eb-bb83-515e-8c49-a1c2f17e0577", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c5340e79-1d44-5d1d-a86f-98edf807fec3", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a23120a8-ec9f-500c-afde-1bb17ce931c3", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-features 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ed6008b-2370-5a8c-b4f0-cd0bcba5f384", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d4249c34-5f0e-5abb-a455-413df725c331", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f51ab922-2916-54ed-b5d9-ecac0cd5aa1c", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4cabe4e3-872b-5496-8204-a4015eabb0b1", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b0a422be-49be-5e19-884e-d549ada0e450", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:310c7788-344e-5b7b-bfdb-a99cdf14f153", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:20a03ba1-7eea-56bb-a79b-7665a63ab0ce", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3fa059a4-911b-558f-b0ad-3147c66d49a6", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bb48dc32-7306-500f-962e-7e8af1209ff1", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-features 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df4fe98a-b606-57cf-955e-b97374003b97", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff1f410c-2be8-5ef5-a2c9-c1b8a37127c2", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2fdd23ff-d9fd-5256-9790-d304a7fb2340", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:348bd1fe-cfe3-5298-8d2b-d26c9206201c", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-features 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:00c4b3dd-1667-55a0-b17c-f9a962587dd1", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1bbc3097-f92d-5a0a-8303-a7a00cbf8cda", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fbd95b03-3123-5961-865d-26a2e7e4e04d", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:da57f420-328f-5091-bde3-ea7d35bd1aab", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-features." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-features@3.5.9-tuxcare.4" } ] }