{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ab4c8def-4299-5e16-8698-b34ff108b1fc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-runtime-javascript", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dedd978e-61b5-5682-ba24-49c96d073507", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:16e14ca8-90f4-58d5-ab00-ebbd6a49380b", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3ae3c1dc-4c66-510f-b0db-f08298e95098", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4825cda6-0a78-58a7-9df6-36192a1adc43", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c606e35d-2174-52fb-9290-9a176b802123", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b1e64fdd-31b5-55d2-abfd-53cf3903822a", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6ca2b20-fe6c-57bd-aa49-a1a176cea060", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4230fbf6-f598-5b7e-9bf5-92ff4220faf2", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:94dcbe24-27e7-5287-934a-f814d2c27b56", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74d40cfb-eac0-5567-8962-583d09098159", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:718ed26a-97e4-5312-b338-9a2844fe1948", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2f284d5d-eddf-5815-beb6-e9a7a0621647", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6f489074-2604-554b-a8eb-e98108ccfcc5", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d111f0b-fdd2-5be3-8e0b-6f35575baa94", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a231bb66-349a-54f2-ae23-9b859c3aa413", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a31d2c56-8828-52e7-b816-793a89d44cdb", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4fa422a9-b0f3-5558-8c5f-c55d3b991476", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e4b2ecde-3227-5584-bbac-aa7933eede05", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ee635e8-5ea7-51d0-ae5e-b15cf14ebbcd", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:170cc1df-0b6d-55b7-93c0-ef039b79bd71", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9beda4f5-0fe6-5350-a459-ab3724f536c4", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9b1bd3a6-2139-5e2c-a2f2-140897a333e9", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d45a9ab-2f32-5ecd-aa91-026249347d2d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aab12daa-be99-5fa8-bf77-3c02736f7a75", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:40dd2bf8-73c6-5301-885c-061a65e87881", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8f8210d5-9413-58c1-97e8-414cc7c3194f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-runtime-javascript 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c9ecb6e-42dc-5817-a1ac-da32ca0ca4cc", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e7fe0e4-e46d-5410-9383-6b477df619e6", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-runtime-javascript 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:39a713c8-dfa3-5a76-b2f8-1445ccd47e1c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7e40e217-ef87-5a81-bf00-5f5b1f900e19", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-runtime-javascript 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0e401d6-94f1-5a38-a1ac-9f218f95f2f3", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2061d2d2-f650-576b-8404-14c889e57768", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.2" } ] }