{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bf7f7b6b-a23c-5c6b-b49a-0ec5fcb405d0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-spring-boot-autoconfigure", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b788da26-67ca-5c6e-af6d-84e71d92d9fd", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ef86ef7f-7810-5885-ab5f-a2d87ae218f6", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7620bdb8-b90e-5bae-b82e-139b8fffde23", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cf534291-ffbf-5d4b-a577-6ba3de46791d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e5d909f9-b862-5900-ac28-388174766d77", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f4ffaec8-60d2-5038-8ef2-6366033ee76a", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7a0bbb26-6f59-5c1b-a260-9feab4c76481", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1a9dc7cd-8380-5f06-b0ae-9b9d649a8d1c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8d11795b-33f3-5df9-8216-82e22f6191c1", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9190fcd9-3b0c-5157-82d0-2708e3e4ea0f", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2a064bb4-9071-5347-85b3-610f25f1e4ef", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1fe63470-8876-5e1e-b93b-40b16929cf02", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2bc5ba63-c636-52e8-b479-3578ab55da5b", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0b53e23b-3e79-5f1e-88e9-507c5594f92a", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:06ccec1f-f229-57b6-bef5-d58edf197475", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c8ea9b03-ee0b-50d9-a004-f6d8f82cd185", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d25622b-9b07-59d4-ae48-0356f922e08b", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:99a1428b-7aeb-51d1-a58d-021b508af335", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6e6e9e63-7690-5e5c-afec-867c8c1b4fd7", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ffac2f67-d77e-519f-bef1-2fb2ea2f6217", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dd156713-a624-5d9c-970d-11c54c11423d", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fff81ff1-5cd6-5577-b181-a35cda408b29", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:773c6859-64a3-54eb-b56d-2df7a8f544f7", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cc8d50a1-e38a-58f7-bccd-b0884ebe5ad0", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:490b2fca-b581-5b96-984b-e83382a7afbb", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a0ef6214-fe42-5b88-9e13-195823541361", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-spring-boot-autoconfigure 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:af0f33f3-78e7-50b0-b8e3-d0078a2ac012", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df81436c-833a-58d1-b5d7-3cc744d2a7ed", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-spring-boot-autoconfigure 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:21ed9660-5d09-5d70-9024-a1f3314240a4", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:31b13099-e644-5074-ab33-c7659bc913d8", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-spring-boot-autoconfigure 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6a39096c-3e44-5c43-9312-f9d159f389a4", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:07504a6c-4991-5338-bd6a-239de4d35bdf", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.5" } ] }