{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:18b3d033-5f88-5d32-bff1-481a0bbd6b95", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-eventing", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3ca50c67-4973-5abf-8018-f22e669b9538", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd5000ec-e0e9-502b-9432-8ec3a63e9747", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:edf9b062-cfef-5950-a1ec-527b2a428788", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad570380-7a88-554f-ac95-ffd06b39be74", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e77d9a8b-fe71-5615-b345-7d93f3be13e7", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:67ebf480-df20-518d-af9c-4a008d18a92c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22d118e7-300f-551e-9369-6c9d9bdc5928", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a9c8b1d0-f7de-5885-ae7c-8441e05fd6bd", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:62c778ba-eb72-5e9f-bdbb-40bc3fa2c9b7", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90e8d884-7513-5394-9604-fabca2d3613c", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:123ddb5d-4b4e-5122-a100-1552232c4a93", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ae51b5a-843e-5095-800d-d43035ba58d8", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f680f8a-f7a7-55ed-b8df-65f5aba6b1a0", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:05e0191c-2dd8-57f4-9b25-b10530b814a7", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:edf55ec0-8b45-5c80-b9fe-c04398a84a5b", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e4f2151-d86d-5c7b-ab76-e098e46d715d", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6e3506aa-fa61-5dcb-9564-bc3f334a0df1", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-ws-eventing 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:01a51a18-f87c-5fdb-a958-dd32a4ed3ddb", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:be82f90b-401e-5592-93aa-11f2be6a6b30", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ce5e0bc9-02aa-50a2-9612-1bf112915308", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ccab902-7649-53b7-b196-e21ee70c4f64", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8bddd509-527d-5251-ba24-0a70fcb0bfc3", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36a9d2f2-f57e-5de1-9050-2bbf906e5caa", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6fb4738d-b0d5-5fff-ae4d-e24ece6e07f4", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b5299d6-456b-5442-9741-9a3602a0db06", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:89778c50-243b-54c1-966f-15e717af5ea3", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-eventing 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c4b0987d-22b9-5abd-9f3d-69d13706a00b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:713e95a6-2f40-53e3-8f7c-86d0263cc6bd", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee70b831-7902-5647-812b-36f4fc3b24bc", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c9e1f80-6031-5e8c-91a6-5a14e6faa77b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-eventing 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42ac82d0-43f4-5e04-bcf5-414e2bdf7e3e", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b49d6ac4-bdda-5848-a549-f2bbc3f9e6eb", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76c6012a-78cc-5c31-89e2-5e430f850cbb", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:841cd23a-c97e-51e6-b370-9ea101063a50", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.2" } ] }