{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:c12fd483-d155-59ab-8e9e-9fa70000b262", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-eventing", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7f2dbddd-0e79-58c1-8dd5-01bd7e068bad", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4da273d4-3841-50f9-a6f6-02e71b3a5021", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9968afc9-13f5-52a9-a75b-df92dfac883b", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:01ad998e-8304-523a-a782-e0bcf1277471", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c28a0241-952d-53d6-bd59-13f17751637c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a64e46d8-16e7-5efa-9960-1c4e67fbe842", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c305f61-f088-56ab-9699-d08b0060f021", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4a856e9b-4754-5e7e-a4a5-45a3d1090bbc", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4e02e5f8-1637-5354-80b6-8ef6175958ef", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9130eddd-ca79-5e9d-a5a0-f584b3a40e9c", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:18bb3982-b66e-5568-aa43-ee53a2e0c877", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c888d48f-059e-5242-b2b1-c50c1b2a5d1b", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76897f7d-b45c-5ed0-bdbd-57e4fe4fab64", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:91251be5-bb34-53c1-8bd4-d075d3404dfa", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96d6272c-b171-5278-927e-9ad0de50a702", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:765afaa9-a6e6-5e4e-800c-6f40b002839a", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3cdbe43f-11e4-51c0-8912-97097165a2eb", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8555b539-69af-54c6-bed0-d0748f70ffe4", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8affce69-ddf9-5002-b12c-cf9801bf8c8b", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b86d1a65-d839-55f2-80c5-2302f78b97c3", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40018e5d-f163-5560-8e7c-26b467c0db5b", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9da59d00-2f7c-5f67-923a-bf7cb1ca9627", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c10e591-e41e-5423-8dee-a04e602e6c51", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4691b524-72fb-54d7-af0e-aba866c346c2", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c9551f12-7b98-5402-8188-cb21faa3489b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee70320d-ce47-5c6f-9803-4166534f5d2b", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-eventing 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ef35d244-087b-5aa4-a6e4-46c53dbef83e", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b821b6e1-1fcf-5926-992a-2abee71c9ce5", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-ws-eventing 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:761b0ac6-6c08-5fc4-9cae-5c72b1bc6e22", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cb76c0e-cb65-523f-86d7-e13f7344fba9", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-eventing 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:373656f4-0ec3-58ad-b01f-418fdff03f3e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7be3d59-2b78-5f16-b8ea-542f8fb7dc6b", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.11-tuxcare.2" } ] }