{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:afe24114-c016-5bca-be94-37774fd7b74e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-common", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b165c3a1-6f1b-5b58-b358-f08001c3ebe1", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ec9706f-d5e5-54c8-a9da-55c0eb7d0f4e", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e774bf02-5d17-57d1-945f-4cf89b307e66", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:37f4c959-ec7c-51f1-a782-7852dea8044b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:af9e903d-c52f-5d6b-99c8-aa1cd6e2351e", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69f31237-0e05-5b9f-a3d2-51195821e7ca", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d51881fd-b32c-52a5-87ed-5daa40c3f630", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8188993-96e0-509a-b260-67a943a375f1", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dbf362f3-6726-5b69-9933-c9264848cd36", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0bb66b27-1a84-5837-8534-22e8740ff8ea", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:228ec5f3-a01b-5c6f-a155-c74a9e7bb26b", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:da00158d-e535-5d57-b9af-cbc21bf40efb", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0fe3def4-fdd9-5c11-9773-445dbee66216", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:054a9b2c-ae5e-51df-9821-037f12284557", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:60fd2997-9e34-504e-9fa7-d1d7b8fa6dc1", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dfce2cbb-38d8-577f-9ac6-8bd14f9d6e8a", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4d532977-b995-56fc-bbff-1d2baaf7f054", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-tools-common 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4afde806-6bd3-50ce-8644-ea3bc0cd70a3", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:438cb9a4-4a12-53f1-b4c2-7792bf2ce1bd", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:764263d6-8711-50c3-a018-d275dce9851c", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba271a5e-168c-5397-b95a-4dc7dd693529", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c220ef6-6e37-5b24-82b6-8bf77f2d9306", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:129c477c-d815-52bc-ad1b-e5472a70de64", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f526eda-c8d3-59fc-9bc8-827cb98f65e7", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b40fa56-5b42-55e0-93d3-684ce7b4c082", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d54c420-6575-574f-9397-0fcb8aef7407", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-common 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c55cd4d0-1f6d-5bc0-91d2-46169c85226b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:46c9e0a5-c22d-5ce9-a6cd-4b1bcaeb5cfd", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:702546b6-145b-5d8d-a367-90335be50fb9", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ca31c630-0012-5084-9afa-8fdf127a141f", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-common 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3bff4fae-2950-5ae4-8f00-11e17a798de8", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:76bdfcfd-9702-569d-8406-8127ae43d1fa", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eac5f6b0-0346-5fbc-810f-fcab71fd3739", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6978113d-4a74-50a3-825b-3322cdffdff9", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9-tuxcare.2" } ] }