{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ffc61b13-150d-52fa-a6d6-66781f4e7a00", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-runtime-javascript", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:6cac2b86-9c4d-5e48-a73b-e962c01c1b5a", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:117e3783-2b0a-52c7-bcf8-760f7ae09530", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b8e66c28-30f7-5b95-8b63-d4e85a3a11a6", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:75dc43c1-808e-56be-ad8d-ecfc2a29d8ac", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ebcc6227-d8f1-5e8f-ad7d-b3f3960caa97", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f72ec695-2804-5215-b35b-e5a3c4954015", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:609d6a83-0186-5377-ac17-2293ecd9884a", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e275146f-555a-5f8c-aad7-8029b344c717", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c6aca5f7-8fd6-581c-8a36-e7932d4b6be7", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f69211ba-0f54-51cb-b026-64c99036e518", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:680d9346-f638-5501-84e1-35b7f1ae4556", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bf85c955-b88d-5a63-92d2-659f2218e434", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:042b5583-1407-5c4e-a11a-9602d6977ffd", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2f1dd8cf-aca0-5770-bfb6-68fe72fe802b", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f9f34c82-e132-527d-9854-e042e5d3f28c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:90f3552e-d5b1-57e2-bb55-24fa620028c7", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f340433e-773f-5c4e-802c-21df509babde", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fa8fe72b-e9e5-5503-956c-c1b663949686", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e5f41cd8-2cdf-528e-a9f3-4017327f8c66", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b0285478-17a2-5701-bb7f-053c965da709", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:821151ec-d8df-51f2-82f5-fe2930d11b09", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8f145984-5593-5d4f-b0db-2da168732b2c", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d862daeb-3068-53c1-a86f-2c99ae39d86a", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a57e5cd1-63ca-5ea6-a799-65d8cd60a160", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dd885eb4-2c70-5c33-a3e0-488dcfeffb4b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7bd676c8-2c7a-54bb-8076-57f5fe428809", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-runtime-javascript 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:69ca7575-4c7a-5f78-98bb-5dfb00aea44a", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32e7131b-e852-5a3e-bbe7-481d6e617316", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-runtime-javascript 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8b6370c3-b516-5ce3-b722-7de9570a503d", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9ad7040d-ab79-5e33-b8a1-f409dd7b0cb2", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-runtime-javascript 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:82b1b392-4522-56a9-8ecb-983c3c533381", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ff07358-211c-5d84-bbf8-30f1bb3138c7", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.4" } ] }