{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a5416bc1-2cbf-5558-bec5-11345b5cab48", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-javato", "version": "3.5.11-tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:06ab0c46-d206-58b7-b83f-285c202db134", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1a704f09-57ac-5de2-b4a3-b21cb4d5d382", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0cdb4c1a-dfc0-5879-8308-119a20821dfd", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1e9d8788-e15d-5fb5-8730-59ddccdbf5a9", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:935edc21-362d-5726-9f37-3ac42f677e6d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:de1dc582-423f-590e-8943-ee360395c2dd", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1dbad578-7166-555e-bc47-cb9884a41539", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2aa77ca5-f399-5366-a528-25c35097116c", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6002f84-0a77-5bcd-836a-bfdc93701e58", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a159b1ec-dc8b-5100-9f03-7b16365b110b", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5cc7a16f-3a86-5bdc-9eef-6a9003741e04", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cfb258c9-a412-595e-9f6b-218382f8e54b", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0f0af366-e6db-5e15-a484-53fd36fe4aef", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e3ae59e7-3415-5a3b-9a34-df001456ee56", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:61b4908b-4858-5106-8fd9-5a4f39e8e5e3", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:03d52331-66be-5eaa-b39a-014c06509f8c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bbb436e2-2918-51c4-9a61-8e4436158bba", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5351f75c-80a8-57d8-ad1d-c0984985ba03", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:519dddcd-a70f-5f53-aae1-7463cf0f9837", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8b211a31-54c9-57df-9df2-60ee3164f958", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a16b2f60-d731-5325-a6cd-ea5608e8d74c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6efa7709-70cf-589b-a2a9-eef88ed05f4d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e2b95746-105c-528a-8512-0d9c5638a429", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5b14b0de-d23c-56e3-9a04-3b1d44a65278", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1512d6b6-c227-543d-9c85-376100a51697", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:121a2f68-7b0d-5a4b-b446-3842d36b2fa3", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-javato 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e01e7a0a-c2e6-5bf2-af99-3db6eeb0da9b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:592f72d1-d68d-505d-93fd-fc04e14a78bb", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-tools-javato 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d2e80b17-d14d-5279-a091-39cf382d9649", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:764fa3cc-6f01-5952-8f6d-0756a9f803b4", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-javato 3.5.11-tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:826c6428-9299-51bd-bc94-549e7c507f35", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1bb0ef1-3ded-5ffd-a1ec-c3be52450836", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.1 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.1" } ] }