{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:f2fa439a-9255-535a-9e1d-0f6c010b9fcc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-runtime-javascript", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:22405255-fcdb-5ed8-af65-5d085f74f05e", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2d8ac33-cde2-5982-9c87-0e48697ca52a", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ec3a0e18-244a-5a3e-9555-5689ecad37e9", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4068cf01-b4ca-5dff-ab46-7fbdfac38dfc", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:745c00c0-e71e-565e-9783-40545d85b071", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a29af8c6-e45f-5775-a659-18b641d93e58", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7470cd93-4548-5413-a4af-debb9273b2bd", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4263b992-ea8f-5be4-978b-b2d7f7295744", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3471fadc-3e03-582e-ab9b-3adac900ee17", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5096a745-5945-5ed7-aebd-812f04139da2", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8db57bdb-be13-5e35-ab23-f4a134e230b2", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1b063321-7485-5e44-b690-90fcf1046d3a", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b5d60bbf-15bd-54d7-94c3-dae42bb110d8", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:20bca912-66a8-5a49-9f07-0adc2b1fb8bf", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:22391bf9-327d-5d65-a79d-9edb244d794c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:62d6b47b-9eed-5e6b-a995-b0b622ab4fb7", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f9861973-5097-5695-b7e8-f1ce3d6e1a38", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:700a4119-7359-5bd8-98e3-b7dabc47b8ca", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d7e632f7-71d5-5683-95ed-345a1e08826a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1f5440d1-2d83-5e6e-b838-52b12e67623d", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:955ebe73-4468-55b8-bcf0-06e33a94b204", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d568814-7ba3-546f-92b1-24d95a377bc6", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f3bffb6d-4d8b-582d-a7bf-8a06fafa1534", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d9f2608-52f9-55aa-b933-17c586a78196", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9daedec4-155e-5ea8-a331-949993871113", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:331e4710-4619-5eda-8c93-273c0d9b39fb", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-runtime-javascript 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b73f8d8c-f8a7-5a96-83de-0a63e534bb3f", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9682a516-b752-5d05-b4fc-be5fd9a55ddf", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-runtime-javascript 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a380df0b-9653-51bd-a2bb-b0f2a1d4448a", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f10a851e-5034-590c-b54c-ebe70b5e7c80", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-runtime-javascript 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:037ae8ef-f635-5af5-9be5-2bc8a8c68ce4", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1fbf9d73-2d8b-55ff-9111-9094bd2f46a6", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.1" } ] }