{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:56663bb1-acf3-5800-a7bc-da6bb620f150", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-corba", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:286714d5-e894-50de-96ee-e9f71ff79922", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63c24016-372b-5450-8c13-4d31085a5f5f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d6d99ea8-63a9-5023-bfb7-7cebccc11f9d", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f834ddff-43e5-5086-9a67-d244e0a946fb", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2404774a-2f8d-5958-9bec-a0d21acf3bf0", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8aba9f6c-3d1f-5a76-8fa0-dc829da13db3", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0efa3c5-b68c-5548-a056-8f695fcb2f07", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:95347591-a387-5855-8c42-001d8e1f8a67", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0331f1ae-e9e6-503e-b475-768d78ea88ff", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b347a096-549b-5405-b78d-efdf1a2cf2bf", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d494b690-5197-5a52-abdd-786439889b73", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:73f432f1-d6cd-5481-b617-80fef5ea9d4f", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:143a0781-ca5f-5fa1-a2a7-b3c12ca5a48e", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0a33e253-dad0-57b1-9f18-10c189500195", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f5daa3ce-b59d-54d7-93ce-d9e9d5fb241b", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6a79a767-d2d1-57d6-978a-824bb956b8a4", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:77a8cb4b-db51-5c3b-863a-0809c48f5e27", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-tools-corba 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0352fdf7-d8d8-55bd-86d0-8829c7d903f7", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:53cc0ceb-0f26-5030-98ab-563c7df1496b", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:709ab019-672d-55e7-9def-3cfa0b179aab", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:54d0d558-fa76-5d28-ac48-be1a23d5efd5", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b1f9ff24-621a-5af3-8c08-42ffe0015aa7", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8937918a-a3f3-55f0-8b95-9b96544bc6fb", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d9cd3b2c-e12f-5dc2-8662-4ab38db0634e", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:64cf0456-c411-5c65-b547-1607bb859fc0", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bd058be6-35b3-5cbd-b575-7f6ef0788ae1", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-corba 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e1117c3b-29b0-5ce1-ad15-c2a1bcb46f4a", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:40cdb9a2-3c66-5cfe-8c48-c78320d017a3", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8e2526dd-1ffb-5529-a035-49282d9fe95d", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:537e2092-8d7e-5cae-92e0-9e1784a5e289", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-corba 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31dcdd21-c21c-583e-8a83-1b29dfec355b", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5aa5064b-905c-55ad-aa90-ee3fe58c4633", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:871a8c60-3a92-5181-b71d-a8eeafef17ac", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:23ee83df-a91b-539f-932c-e4e1a9325d49", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-corba." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-corba@3.5.9-tuxcare.3" } ] }