{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:597eb157-6649-566a-b9c3-8546fad5b886", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:608ea762-0439-586e-b924-3d3ee0bb0249", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:647a498b-7ef7-59de-bba0-1c0bbd60be91", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:28437901-d384-58da-bd68-948c9294dac5", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3152a96c-400b-5bde-8d3d-1324f5f1b33d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8a5cb4a1-e4b8-55eb-8004-436a4d63fccc", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8f34beb9-3ca0-5065-af4e-45b0cf7ea778", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:abc6c99b-db42-53a6-aa38-7ea80bb9350a", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7254e357-8bc7-571b-966b-8e98ba2d0610", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a153158-8c1a-578f-bbdb-bc64853022b2", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:db18ce5c-a700-5cf8-8cb7-29ebae136f6c", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b32ef7fa-8779-5678-a159-414117304a9c", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:359fc23f-b555-5776-8b27-7c1dbef0babc", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:954a6cc8-11c0-503c-b3ab-e8b8a434c956", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:72be1d66-2deb-5605-a5fb-65add3255f02", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:22d34ef9-ec73-50a6-ad5a-ec87592bc76b", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8f0a37f2-8f72-58a5-aed4-6473283afcdf", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4681ac0a-0b0b-5a8d-8141-293bdab92c9d", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f598afa2-2584-5e01-b34d-f3de02ff6759", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b762689d-26a7-50c7-92fd-aa7dbde7c6f1", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5f4e522b-e394-57d4-ac3c-c38e9a003367", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2d8ab3d8-245b-5997-a86e-c8ad676c55ac", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aedd1259-eb3a-51e3-bbf4-f4381fe5a566", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e57519d2-3c56-5c27-8034-48f02f74e490", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:58871c72-ab66-5e6b-bd77-8f93a910e5f9", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cf7daec0-e575-567d-a10e-b621504a1682", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ddd215b0-1370-57a4-b3a5-d731a8fc706c", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a44a8c4d-8fbe-541c-aedb-96b0c9984858", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91ff9f62-fe07-5bee-b33a-0f695b5255d3", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b827ddf3-8760-549e-894b-405a478824e4", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:322fc2fe-1441-50d2-bf8b-7d7383500967", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b782a438-9f40-56ca-9e8e-cfbb5f101df1", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:94e1baf3-d6d4-5d39-900a-6928711f0db2", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.4" } ] }