{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a56c4eb6-f65d-57dd-9bbd-c5f7d2d71cf3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-common", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:41ba8b86-f376-5e5f-80cf-555d7a0d18d0", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d57d269c-3861-5fef-956d-8f7d26f408ac", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54953bfb-7464-533b-98cc-b430bd3b2f26", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:70beddae-7f25-555a-bdfb-8c84f029a270", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dafaf36d-5d02-5bc4-800d-4824f2202444", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f5ad323e-9f42-5481-b552-126aefb786d8", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:562a88fc-dd07-5ba5-a2a0-e946d9cfd703", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8ecd6fc0-b9d6-5bbd-9e9f-292a750e2842", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4fc65c74-65f6-5090-bcec-c28fe3d0d50b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f209c8ad-d119-5f62-83c0-44d5b0c31160", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e3ca8719-a0c4-5fcb-b270-1285b655f423", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e5611ec2-4cd1-5c59-a298-b1171dc0893e", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a04b720d-9807-5773-8df4-76c2e0101394", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b9854ace-5dc9-5be8-8310-2862f727667a", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4cb51a2e-bc2f-5493-ba24-b960370dcf0f", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:397abd9f-8d66-555b-a67e-e3138e890812", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a024db76-280b-501b-9f8f-c15029e2d6df", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e8a31679-d45a-589a-9da2-a9e110894d8a", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cfaf9cd7-0be4-5dc0-ac50-d4f5b3f09b46", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9560690d-5ce5-5801-a9ae-4cae60f28f6a", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5d72402d-e40a-5161-b4d1-cbad618a1008", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:688181fc-e9b5-5214-b5f3-403144df372e", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:baf45b32-c693-57b0-8a7b-7751bbaebf04", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:23922b45-cb69-5f48-8a88-29d4f8234740", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fcac785f-8cd4-5fcd-be7a-63c16ce58dad", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:87a227ad-7d4a-5da1-8d9e-afa23702c323", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-common 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6fc75a85-b891-572f-8c10-944c8ae7e747", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4b52a512-0b41-58d1-9e1b-e5b6cb53569f", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-tools-common 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:47b2204d-ff48-5d71-9f4d-970327379d57", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:687d279a-e291-5cef-be3c-4a8adb69063b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-common 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:eacc0f76-045d-5196-9d43-47681bbb43fd", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e48c2f2c-91a2-51ca-afd1-7e86ab827a7f", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.3" } ] }