{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:fcf22768-d7d0-5c77-aa14-10b62d93e69c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-spring-boot-autoconfigure", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c60ab845-b0bb-5e6e-916a-b48ce547c325", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7c7d2186-95ee-590f-8f16-17ee93866dfc", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d731c3ca-9634-5aa0-9944-51cd16920e37", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3d434fd-8863-5846-9c4b-be46c6757342", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:acce4e8e-c887-5d46-ade5-2e61490cb463", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:42840797-8d42-5545-add7-c0def390876b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0f773edc-e9a9-5ac3-8940-597877982708", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:36ef1072-03b1-54f6-a288-f34f1ed2092d", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55ac4a34-ed46-539d-9527-341126674459", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0215b9f-bc58-50ec-a406-f315142a5305", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:80dc8469-5d23-5aef-b648-db7a343f7bad", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f69976be-fa32-53bb-ada2-211602fdac79", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:125e769c-1ab3-5075-8665-5bbfc5bc64e7", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:66f9db78-7e86-52bd-b36c-38393cd48f4e", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e094b224-9f31-5c19-a472-e991855cdbec", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3fe37e88-36ab-5417-8cd1-7313556c36cc", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57e19d20-adc4-5da2-985b-523d45f13155", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dcff443d-59fb-5242-8e1c-202cefa10219", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:17a1cf1d-78b6-5f49-9e8b-f802cea24507", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22bc863c-11af-5f74-b136-71d6667de1f9", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec24a3d8-1f20-5658-8498-23f664a48912", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:92f1093e-2b51-59ed-8512-53b51c8310a5", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:544bb9ff-2dba-5fd6-80d9-d0ce6bdb4d32", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:96620712-c84b-5d25-a8d4-eee3d32f8bf7", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7db0b985-092e-5d06-9d39-31332828d4e9", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3fcd826e-a46d-5b44-a33d-7a2e8b6adc42", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-spring-boot-autoconfigure 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4cb4f3ba-964a-55cd-9ba4-55cfb0af1bc6", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:24e0bc37-8a0f-5d23-8067-1e59bd21ce63", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-spring-boot-autoconfigure 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5207282f-3471-5d95-a40b-5f156ea13da0", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7fc573cf-747f-5f87-aa19-98aa80de1d70", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-spring-boot-autoconfigure 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d0a20076-35f7-5e09-9155-60dcf43a16f4", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c7f87bf-32d6-5980-a271-2ea50d8502d2", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.2" } ] }