{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:728804bb-6b1f-5971-aaf4-e8512cfa09f0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-security", "version": "3.5.11-tuxcare.6", "purl": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:112c7684-be83-5d70-a86b-4605316d320b", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:a3a6bf9b-c332-52c4-9f8a-ea3d3e4ebbd3", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7760721e-e52f-5f9f-9126-5c2a4f41ba7c", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bdb98069-b9a4-58b0-adc0-ea347cd6c941", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e2f3ae01-1977-53e3-b194-5c4e4f7f4b51", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:64d3005f-92c3-5abd-93bf-844a470f4be3", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3ffaab12-4fcf-55d2-995a-0506f4b62eb7", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:924c3150-173d-5ae8-aa09-ce2b65e183f5", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:362544bd-852b-5e30-94c1-c612e22293a6", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:53e981eb-5b1a-54cc-8a74-c7232b297684", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3a99879a-9907-5472-9351-06ed04910fe0", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7005fc4c-21d1-5bf3-a9e1-81bbaaada16d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:55d23c89-39d9-5148-b315-8e09d427d056", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d3b62f48-5edd-5161-840d-a3b25efd262d", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5965a0d3-740d-527e-9233-4b3d4a45d9d7", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b1967571-8954-5e55-a7bd-a8b94d481ea8", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ace59930-f5d1-55cf-93e3-7d9932ce11c3", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:38c33578-563f-5d30-a2d0-2c2332bf0d16", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:af47d377-8801-5345-92af-8fef2b1b62d6", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2a5340bf-d10f-5008-8940-860b429c7021", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e92f688c-b344-53d3-9503-55225e8edda5", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6805923d-194a-5ec8-8810-8047b8eb7fac", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:91253ddf-5315-5f48-97cf-3d4351c68c2c", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7b4b757e-ade8-5e9c-8b01-7e2ffb8cadf2", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:bc206902-ea0f-5f2c-9261-8a35d22743ba", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:49529f2e-2a55-5de7-a84a-8000236bab32", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-security 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e0d4e1af-bae0-5988-9844-d2644babc3da", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2e3d496f-31c8-5953-9470-d3f2d3c57be7", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-security 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:8ee29c0b-227c-5419-b8e3-e3c3c2ef8491", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:3c596ba8-d262-5ba8-87f6-836696d7d8c5", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-security 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:b38e2fde-8eab-5edb-940a-8a6b86185f21", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:355c718f-cb58-5a1b-899c-fd373babe9c3", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.6 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.6" } ] }