{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:eb33b4e7-0de0-57d3-875e-72d7bcb544ee", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a3818568-4d00-53c6-ad72-5abecec52236", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f28a5b07-ccab-5368-acf1-dd2701e242eb", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9a367af5-3dc0-599b-93eb-e5c561d9a248", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3fe7b245-a192-5ef8-9574-0edf8ad5807f", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:672e6aa3-2d91-5d62-9781-ad03d92ab206", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10001855-9a13-5bb9-990d-60f6877230eb", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3103f020-c1b4-5245-bb91-2ad5a07ec2c9", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9bb3729d-9bac-589b-9502-d7a4bfd618d2", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fced8a9a-a3aa-5adb-b070-a0eee677283a", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e109671a-484c-519d-9393-4502604815c5", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2709104-91f4-5625-9948-2e3bc4bd5e1b", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80aa1c78-7306-5c5a-a648-be345d40842e", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a807d613-ae32-5870-9261-79a555061ff8", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3f94e393-5dac-5d8a-8eb9-500df3a0196a", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4abaed8f-524d-5fa2-a21b-1cecbc2695b1", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c8fd575e-6e01-5cf6-be17-6c392bcd1d41", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:162d0054-7850-515c-bee9-9d7169d3d40c", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a25c3d58-dd80-5f51-b225-8fb76307b10a", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:20483661-786a-5122-9d99-bf576df935f2", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c656611-6669-5b1e-9802-1515345b31cd", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea33dce2-7ac5-5101-a426-3e7bfc3525da", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cdfcf4c5-a605-5a6e-b68f-d9f60a14c70e", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0b8535e1-9360-53a7-88dc-366bcb59b712", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7c44c1b9-30c0-55bd-8f4b-f9dbb5dbc67a", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9f821409-728d-5802-bfe0-bfd20763cec0", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a062dfe-b2d3-5d99-9fad-e4bd36ca1a08", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4ec44a79-5887-5533-986d-b07b14e1175e", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e3dea827-1229-5b0c-b83e-f146fd6b93cf", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bc0101a8-a752-5faf-8896-1f1e16ebc24c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e985fa63-92ad-5064-a766-d30477b33f57", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:716feb6e-6b7c-502a-a452-99b6716bbace", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:821b6d14-d322-5f3a-a611-586142b7313a", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.3" } ] }