{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a1633b0a-af9c-5f98-9a3a-0e78ec48e4ba", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:57b79be9-c88e-52d2-a6a0-fa8617e6a7dc", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4fac422b-8c79-5ad8-a7a9-9674ec3414bf", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:49512379-a791-5dec-8a4a-d67300e2ccc5", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dd6a6e47-f8e2-54e4-9053-22616653b89c", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db2f1b05-63b9-518d-bba1-6de75de4d776", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7915e053-1234-5b41-862c-ba4b69d1935c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7cb4b2f-dc47-53b5-bafe-2723a9ee39c6", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d17aa306-0a71-5514-b3db-eaf5e038e10b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:04d18c05-0459-5af1-98de-563a44ea7146", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:605aeb58-1844-5d2a-81ec-4a6b6a861d83", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a7324fb0-891e-5399-9bcd-72819139fdff", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a609f0f-48fc-565f-87b2-b7f056f0bed2", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c528fcb-430a-503a-8e14-e3bb9d7d476d", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06f2493c-b9c9-588b-bca1-5f5fc06247d5", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:277683e5-46c6-5f5b-b666-258b7e4ed153", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d28c5fa0-9cbc-5014-8fc6-fd0956fe2206", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43df156a-9eb5-5df2-88a4-5262e65b15cb", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f581a1e7-988f-5dc1-938d-0ef24587caf9", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b11eecd-66bf-5805-8292-a900c0ca7e1f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:43adb0b5-055d-5c59-800f-fa11addbbefc", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7a3592ad-ed0e-55e1-9b47-b2808cd0f1e1", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e3579c00-c97f-5615-a9df-c5629992d7d2", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc4b3186-7d4a-513d-a596-e23dc868659f", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c46b6006-be68-5351-ab9a-fba547376152", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b4eeaab-df27-5762-aa53-74ea1f3e049e", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3807d305-23c7-5d0e-ab17-2a7744453950", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a5c15ee-7750-5092-bb9c-00186da2f5c5", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc4cbff3-366f-503a-b7cd-f28d78912121", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5243a8c3-ae03-5949-842b-dae863e21b12", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f88938dd-df42-5396-9802-3884b75743c5", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20854fd3-9d0f-5c82-8369-42c102b42836", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6852e759-80b1-50b2-b656-5af79b09874f", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.2" } ] }