{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6c07d97a-ab91-5777-af8f-178b8cfd8588", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-servlet-compatible", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d584ea1a-d5e6-51d4-bd48-3142563909a1", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a80ba1d5-322d-5d7c-8425-7917b063830e", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b679db1d-1034-589f-81d4-f045417ad83c", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e3f53d3f-6e16-5751-b3ff-12602e4d94f6", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e2c5a364-59da-5e3a-b8d1-88794a2a9ae6", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9b9aa593-b66d-5d0c-b431-931960dc403f", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:da3cabb6-5eab-5771-8030-d527fcb4caf5", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b06839dd-cd6d-5461-a4e1-9a2f3694694c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f8c19425-9c1b-533d-b192-08bcf84f1abc", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ddbcba32-d1e0-563f-851e-3b60f04f4944", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b28a0dd6-e5fc-5333-9b43-d9ebce7367ca", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d8927e1-9ad6-5b0b-b653-1f125ad2acab", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:30af6563-b5d3-591c-a4f0-71b978b5779a", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:81f2aef8-431e-589e-92b7-38784632c8c2", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:42600688-bd9e-5509-b46c-31fdcb38e78a", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:62158f5e-a9c8-5ac0-97aa-c08f1362c2bd", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:345032ad-8fbe-54ec-bbde-408374b773ce", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4f1fc606-d09f-5aa3-98df-d1a038c26606", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9fb3725a-d438-5d29-abc2-c1746a7d694c", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:244f0db6-a383-507a-932b-4af5dfb90426", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4e43a3df-676f-5c8f-b8b4-e32a03565503", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:307def31-6083-5d3d-a0f3-5d9560eb0791", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b3e68e0a-743b-50cc-bd1a-08bebc09dfac", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:419e81b4-7f95-57f6-b439-ff40534a95a8", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cd06a723-1bd8-58f8-9182-2f5e3fd63eb9", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4ac4bd78-488c-5fa3-ae96-38671cb32b2d", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-servlet-compatible 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2b41ee76-264b-5e22-8c19-d14ebefe7ad2", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fd8583b5-ada3-5724-9e31-f463ada8e472", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-servlet-compatible 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ed74f98f-18ad-5092-bebf-d32a7e8f5f90", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ec3afc73-a6c4-5a06-a38f-10925dbe767d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-servlet-compatible 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1f59a59c-c427-5b02-abb1-55d19ee88520", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c3e4b0f5-111f-5411-9de0-22167d1d1559", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-servlet-compatible." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-servlet-compatible@3.5.11-tuxcare.5" } ] }