{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e3118ea5-1ddb-52bf-b246-1bfbf6ddd6bb", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-security", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a51f5137-46c2-5906-ab01-016c2b1e32bb", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c0e178ce-2257-5895-abab-5e89116ca5fc", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2277ef86-3924-5041-a9be-83cb0f183af4", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a31b57f4-45df-5eed-954d-d7a91f310cd5", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7993d315-1798-5bff-9666-f0cb063968a7", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:badfd137-d532-5d90-98f0-83c493eda3be", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2dd631f5-0620-5b23-b27a-9501a2a3c995", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:106bfb07-606d-5531-8474-67503ba0cb04", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fcb4b726-98b8-5063-849a-0f7ec4574afe", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:17b36e21-c2f3-506a-96cd-8a8f0504a7de", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c3ec1ac0-c816-5acf-bd12-373e096a6157", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4a360fc1-6b9d-5e64-8fe9-fd1d3a89a879", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f2e0bddd-9c9d-5ee3-8b5b-844cbaef46e3", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0177905d-b2c3-5b2a-a147-7a7d2f369b5f", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed4e4074-296b-59b9-b736-3c83a88867ef", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4b6f8030-6260-58fa-8937-d4b193e3c5ad", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:457bcf0b-2173-5a01-b348-f5e076c3d879", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ece340ca-748e-5184-8d52-bd984caa08fc", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0e481bf-6bce-5aad-a383-83b514f80af1", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9d1decdc-a89a-576d-889c-92efe3c8c4d0", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:88d4e5af-b976-50f1-99d3-83aa6288d26a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ccf66915-d50c-5f84-acfe-b1dc0a62bb79", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c8c52920-28dc-5831-842e-3428d74f858a", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cf4c23c6-f128-5e16-b7f0-300825b02b05", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:062737d3-1e7e-5eeb-8cdf-5df44e64808b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8d90933e-8136-5334-800e-aed5830f307f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-security 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c3873d61-0d0f-5254-b4af-f221f7cec0e2", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:702c9d80-f977-5be0-a351-d123b0c0b009", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-security 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ce4f8a71-d1cb-5ab0-b76e-6f451262dbee", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0a31d591-da87-5ea2-bb08-012ae8aca13f", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-security 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:df95bcb8-1671-53c7-a93b-345ab2425b32", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ac47e18-89ea-5195-8a5f-96d73326e990", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.4" } ] }