{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5eddba21-11d0-5163-b22a-7a0850404a35", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-eventing", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b5abb325-2cf2-5ee9-adbf-7cf38eef8f1c", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd20cbd4-1590-53f6-a1c5-078ed427fc0d", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb073d28-0d2c-5eba-bedd-dba8622ffe83", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8c9db56e-353e-515d-ac7e-dc25a648ad33", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7b43bc47-d7be-59ff-9c0c-365f98b04984", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9adea07b-ffc7-56e5-9ecc-32bbcc4d4c06", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fc33fc2e-1380-5343-91d5-b0225e30dda8", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e970d29b-8f03-5893-8d0f-cb192e526d4c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:de18fc01-f743-53f0-a78d-a10caae6ccb0", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f13a092b-7c3d-5c62-9c15-126161eedfd0", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f80ffdb9-0b69-52a6-8df5-e6e857f8fdfb", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:19b1e9a9-cc38-58e2-87e0-e66c3db6e06d", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0bfee37d-e51f-55b4-9d21-6e5dd0620f0a", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c2d3b685-165b-541d-bcbd-8bb597c1d097", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:39eb6e19-4edc-53e6-ad59-0dd3f1358054", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5b7aa6c4-a159-5785-9137-4a2d7df72e63", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a4a43edc-2cd2-522b-822c-7dcd8a48bff7", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-ws-eventing 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:149546a6-7133-5023-be38-708c53db9385", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bce4088e-9b10-5a87-a39e-15704077576f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:55e0d2b5-8029-59cb-9c11-da36f9e828ee", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:97b391b8-2435-5976-bbfb-40509f40a8fd", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6d248f8f-72d3-57a1-be9c-9b759dd70e2a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e035690c-ea44-5018-8466-843ddcdc3d34", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f2109861-4ada-50be-a90b-fb15ea5b1375", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1c57fa17-c513-5063-aad3-fae18f425a4c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31461877-2876-59d6-bbd8-f2c922835e49", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-eventing 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:887c176d-4ac7-51fe-adbb-0ce273ae45fc", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a0f98081-7974-5bd1-95e1-4500de300b73", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:501b68ba-5509-5799-ac23-4a2cbee5364a", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:84cd8656-8837-5091-b977-a75d1accd2a4", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-eventing 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:925088f5-8efa-59d8-9117-29291c1436aa", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ba69098f-9dd9-59e1-a0f3-7eecbc42d5e3", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0057d249-1588-5d9f-8f7e-ba00ff971758", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:020ac228-3fc5-5e04-8e1f-9f7761ab7c0a", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.3" } ] }