{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:547c8b6c-f6b0-53c4-925f-eaedab276f5d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-ws-eventing", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a35ad56b-8e22-534a-96a2-1e86b38503b0", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:58db9cfc-3f77-5053-aee0-f7b9297e82de", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8f3da4b3-2f73-55a5-bbc5-1ad215464252", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:472fbf3e-a7b4-5671-9e6b-f04c94bfc5d7", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:17a60bfb-f486-5637-8f9d-219c37b72f9d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cec30d3b-7947-523f-982e-01a851f5ae14", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b3233b06-85c7-525f-a13d-edb53339ada0", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8f2d6532-9eef-5d52-a1a7-72100a57e7e9", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f05e9ccb-fc94-5eee-8ec5-bb5ba4672efa", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6fd54095-c0c3-5620-8519-036d8f4ca17b", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26bc207b-fb6e-5cdc-bd78-d67736526f85", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6ecbab32-6dc5-5c3c-8171-e94733b39f08", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9f8e787-a15d-5f29-b056-54dee9031bad", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1190b365-fa8f-58e8-b83a-48859d99cf21", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:186a877b-7c29-5f0d-a452-a2750c38e4ad", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:89efa624-7344-5360-814a-5557b7d92ae8", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6debcc96-919a-57bd-a123-f8e1c811c633", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-ws-eventing 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:da3f66b7-e0b9-57ee-ace1-fe45e22d60b9", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f9448463-e0c0-5292-b2b9-cfbaa938241d", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:31c36c60-e5a0-59bf-835c-6cfe24be2e89", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8d9db3a-d657-58a4-8ff6-ce6c04b078c2", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:104ff8a5-a29f-51d8-ab4b-819097b7af8a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b35e45f3-a8db-5540-8114-a770702ef012", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2c4f547c-4f51-57cb-916c-18cd0b47f5b1", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:742a8fa9-0375-50a4-8b12-9442f7b0e09c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d1966a2e-f50a-5ae1-97eb-c4f8386ba7a8", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-ws-eventing 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b3f1e50a-d125-5dbc-9334-05d4586ee657", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:16afba45-35d8-5bb1-be7e-62a1bbd854e2", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cc474e0b-f720-5044-82e4-3124c15119f8", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:eed0785b-42a0-5e1b-b18e-5b47b25c2127", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-ws-eventing 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07566829-2519-54ad-9a79-40a7dcb3ff80", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c71ac87c-f946-5f0d-8475-83c5d0be0356", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bf8fd32f-b3b9-5039-8cf9-93f18c73ebd6", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fa472fde-fa37-5386-9a7f-dc2cbb981876", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-rt-ws-eventing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-ws-eventing@3.5.9-tuxcare.4" } ] }