{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a7d723cf-6bb5-5204-8b31-516730d85cd7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-javascript", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2be61d6f-2c7a-573b-a482-736358ebb569", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:57e3ee6c-4013-5cd7-9888-51f9480a635a", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:29d47975-aac1-5195-84e4-f0430fcdba20", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:449a7bc7-7501-5dfd-9411-437f6694050a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:577396f8-f9d4-5851-8336-1dfd7373d1ac", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4eb0a2b9-a739-5eb6-9faf-8c23ffe55061", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:531aeaca-9951-5c89-9628-9ff8b09239e0", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fa001e8d-20d1-5a2c-88cd-778ec09652cb", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8e168e48-0d33-586a-b09c-472cdfc277e7", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2177d9e4-6d2d-5954-9411-8e6f8cfdfb93", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6d8b8a87-f63c-55cb-b59e-0f9c2f02fef8", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4662cca4-eb1c-5c45-a802-b0c0294178bd", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:da30c56d-c9c9-553e-a14d-0feaeb6d4d6f", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1889c65c-f337-5063-a486-92546a99ddfb", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:27cf9920-eb5e-5aab-9cb0-468956a7e9bc", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0798e3e-b4d8-50a9-868d-7f17e42af4ea", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e1071856-25e0-5f83-b4f3-2d0721456869", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:381c8dc3-6585-5dc5-85cb-e6c087b01d04", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25516e8d-2f39-5424-9bf7-88f2d7446bd3", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b8d1a2c5-9bf9-5d60-bad8-3848525dd20a", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b6208a9d-cf8e-544f-bcbe-9fff1dc9e22a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2739c8c7-80ec-5245-a4e2-a02babcde8e9", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ca11911f-550f-5a66-bdb6-7a058ad72829", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fea5d0c3-2655-5734-ac1e-d8993f445488", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fabe71e9-0816-5659-8e40-7d3fd06d94e8", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c74811b4-1711-5ae9-9a29-3b3641657657", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-javascript 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:768704f6-7012-5452-afd5-5f341909a24e", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:15f1730f-d006-50be-bf84-d97bdbd02075", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-javascript 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:09b8cbaa-66bc-5a06-8a40-5f8daedcc1e7", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c5457b59-971d-5a15-a458-2b960004cb77", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-javascript 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ae18103d-d1e6-568b-a63a-020735bcf277", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c956103c-9ef9-5fa8-9519-699415f5b7f4", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.3" } ] }