{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ae189a62-4923-586e-af40-578cd1fd9f39", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-javascript", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:83eeb097-9ef9-594e-9076-20a99e3d82b8", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6c9ac9ac-99bd-54aa-9ea5-aa1c64df4171", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:586b5008-4e2f-57d5-ba58-0e5e1d8a713e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:989a9d4d-ebbd-551e-aeff-c5343c73a2ef", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25065f75-7fad-52ed-b36b-9001e2aa07c1", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a26acb92-5db6-5ede-8760-3679d0d0aa0c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2855362f-7547-5895-8acc-f9b070f580fe", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0916d957-5120-5072-ab6f-d07de68ea6fe", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:03146af2-3d25-5890-8bae-405d8335685d", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6f730e14-503d-50cc-9121-2da3780d5975", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:89af57ed-02f7-51dc-883a-2dbbb25e2b40", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e33f922e-65f7-5bf9-870a-d6e29ec97413", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:60f6c394-081b-568e-8f4d-e0b25683ff2e", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:706e3e62-b7e7-5614-8546-f84a670787d9", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6bef0397-4a02-5989-b36c-9ce6d664e840", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:36351f7a-240d-5098-b08a-23a7c007b9cc", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:13c63098-275e-5691-aa7b-a29668b2dafa", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-javascript 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:50f6355d-7413-5917-a132-d6adadb0b2cb", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:16420dc8-6915-5560-b603-fd07d171a4d0", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fc2da866-dc9f-516f-b754-995d72962889", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c4c5065a-b14c-5706-9578-963b2c70e3ed", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d0737406-9129-5354-ab63-529946516486", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d3066746-06af-56dc-914a-83d2647483a6", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a8de2fe-ca00-5a03-afe3-147c433941e2", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9d166468-ee16-542b-9fd3-c4781a4b32c6", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:de9879ca-760e-5d10-88f0-fcb310b03153", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-javascript 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:89495da7-0a81-50b7-832a-bd62830968ab", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fd355a9c-9a3b-537e-93dd-289873057c27", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d6900a6d-2605-5d8d-9393-b2e996831396", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3cb1b8e0-bf50-52bb-90b4-b6fa3b553907", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-javascript 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:633e82c5-1d95-56d2-8e49-f7e6acd476f4", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8b082eb6-496a-528a-8322-c9888e91f0bb", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4c43dd7a-5e08-595d-8b50-42cb9e75c9d5", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b8a7175b-23b0-5e1c-b1be-ebecd40831df", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.9-tuxcare.4" } ] }