{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a30164b1-5209-5121-924e-f4448523d6b2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-runtime-javascript", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:af5ba20c-b71d-54d6-b824-731683a0637f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2600bbab-bb85-59f5-bd12-4ec75aba24f2", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:caf0b0dc-bfde-56ba-ba25-75af04fe8809", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1ec9c7a5-640c-5a95-adec-80a945fecd60", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ed361b8a-4c91-59c3-9839-ba236bbb9212", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3e4c05a9-d464-5a4c-8788-e2f690142fc3", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:13d1bbb8-6671-546d-bd65-98e32c86f703", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dff3b207-9175-5351-99cf-754b5b4a71a6", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ea8a1a31-e7d0-529f-a28f-f19ffb1aabe8", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6e781f14-6412-56d7-9cde-02d7b1e9936e", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9ed7ff8e-ed31-5a04-b43a-c8147c2683d4", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8492b8cb-3f5d-5e8a-9b0a-2a1410ba27ea", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e9a68248-341d-58ca-8beb-dc55e23015d4", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1c5b4f4e-3230-596c-a88c-920e1eb312b7", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:658cd112-bf80-5a91-be0a-c62b2ff03ffd", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:66f92e2d-e927-52dc-b958-9c082097d861", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a6485efe-3c12-5afd-b666-124b1c021c2f", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3d2be1b5-0527-55d0-bb0e-f41d7b0c0aee", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:41bb179c-cdcc-5a4a-8bb5-314b89e2eaed", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bce7a8b2-0ad7-53d0-9e1b-a1c493a84248", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d78be91-fb2d-58e1-aedc-968ae1362eb6", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:72e06c0a-adaf-5b40-9dad-9476f210ff95", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bfd6eccd-81b2-5d32-9629-a9d85591db2e", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:933861ad-b248-5a2d-bdd7-b0fbe0b4e86a", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e626344f-dfbb-5875-a4a0-d54f0cf216fa", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:37cd26f1-373e-5834-bbc4-3abc049581fa", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-runtime-javascript 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2792aedc-43ff-5fe6-a1a4-140f10536acb", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dde09b88-10cf-54d8-afb6-ff3664642ac7", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-runtime-javascript 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a52c0d94-4574-5974-8af2-9fb46e617755", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3aca29dc-2661-5bab-bd39-ec9970b0c35e", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-runtime-javascript 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cae288d9-cacd-53f5-a5b4-e9b9d17e8971", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a9088088-50c4-5526-a9a4-eab8e88e79db", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-runtime-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-runtime-javascript@3.5.11-tuxcare.5" } ] }