{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:945e6a72-b9c7-55ad-ac56-6fa0cff17cd2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-common", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:8931ddd1-ce67-599f-983e-7513f3a9d3ff", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72616366-34b6-56ce-9323-ee1a01e86452", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:47a94711-46e4-5fcd-b324-2e343eeea109", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1cec16c-9d72-5e69-a932-bccf386b5530", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e0bc2bf6-5914-5323-b275-939ddc5cacad", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:14a49beb-905e-5a9f-93c2-5e95871125d9", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a834ab4-1740-5665-9af4-e1afba5f35cb", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:79a5854a-ae0c-5cd5-9c46-a7fdc3a22d69", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5017526d-90b7-52c7-a132-33c4047d8d9e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0de3446e-bde6-5ef8-8537-29a92d5dd141", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:16a2d40d-cf7b-5181-95c0-2b41f51ea82c", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ff20dad-c435-5f5d-85a8-995a6e94b1f6", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5201b8d2-065d-5499-a240-0c2b96595667", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:baa102e9-d285-57d1-8df0-a61845070c8c", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:712b9ee4-4021-582c-acca-52dbecac775e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:aec4af37-4ca3-5c2b-8359-8de8bba40eb1", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:98df549f-2aa4-548a-bc69-b782ace24ca5", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-tools-common 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:edcdfa6e-1ba8-5777-89b0-e2854104c9e4", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e22bdfcb-371b-534d-8190-624a8cd5e0db", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1da19de0-164a-5fbf-a14e-02bae6305385", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d0ddca28-1c18-5057-a17e-6aaf4ec48c7a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:06a80375-55f6-5af1-b82f-3afd0b074474", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bf5fe116-e299-598f-8340-3916854296f9", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1d129ec2-ced7-56e5-8ba7-8e2007a01ed6", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0c813a13-c6a4-5150-99bc-f0d3c25bc8d1", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:19e2a192-56f0-599d-a0fa-ee5f8921d53f", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-common 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d4309198-f31e-5e51-b048-bdb51829dfe1", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9e0f2bfa-e67d-5e12-9300-42c46de67719", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b4ffef16-e8ac-5db5-9439-a416c05fe03e", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:76d6c3d6-85ad-5f63-a2a0-d4e5df96ac05", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-common 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:35881ef6-045b-5ad4-8cd3-44c091c8c1ff", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e5b5420d-0671-5b83-880f-ae7168d6ccd5", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c43b32f-1507-5884-a2ce-6ec6a10eebf0", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3837adf9-276a-5964-89fc-7664d18d4f49", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.9.tuxcare.1" } ] }