{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a393cc09-1c9f-517e-be97-9ddb0073855d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-javato", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b108fccd-d187-59d9-ae54-5b8e5276a6f8", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b78b1c1-1f9f-5513-bf86-f22b84e9a203", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:403f378d-bcc2-5261-b2d7-59b560920a26", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5da52ff5-e10c-56c9-87ca-e929ada49d63", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:87be2afe-7ee3-5f76-b218-b1d26fda8aa3", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:976e1504-b4eb-5fb7-8c01-597a2a306609", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ebff359e-7cb4-5659-afb5-2911d9066974", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5d431736-aab6-5182-991a-e37f3b9698df", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:31f5e77f-0cb4-5687-af95-f62123655fc7", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d15a4b86-0aae-5e7f-aed3-c71d6af272ed", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:245c2e18-dc5e-5a8d-a4e8-80a84162ed90", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:789a3a88-688c-5e83-abb7-cac88be1a240", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd41ee20-5d4b-594a-9f7d-c5a85a380068", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:171ada01-7c55-54fa-9a9f-d60fd5314f03", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1d5bf23c-616d-5f29-b4b9-cc46e57fe797", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:90f0fcf6-d44a-5c9e-a6b7-0a7e9d9265ab", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b4c821b4-ff86-562b-8e6d-dc173b5efbcf", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30eb8ccc-868e-5150-9961-e2274e09dd06", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:429125c8-6bdb-5d0e-8ff4-26ac4b719896", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fd117c58-3e4b-54d3-9a99-e547affd0014", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:432974db-a06a-575e-b3dd-788772ad348a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:70753fa5-bd4b-5c0c-9e90-195b74e48cb1", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e98d91c2-ef23-5ba5-b1de-41529c5ba738", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b722a9e3-d758-50c0-b24b-1077621fde36", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8a3b536e-a765-561f-962a-4333eb7fffb6", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:84fdc40f-7ef0-54de-8222-86a99b78e9aa", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-javato 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7f164e9d-7b7d-5899-a05d-191a97ebd25d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1d787971-c65b-59df-8a3f-fe432cae65d5", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-tools-javato 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2cf9dcb1-ca99-5be4-8b3c-b4c8b9a7ff60", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c7779cc1-21f6-5951-8ad2-a7743cd5d75d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-javato 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b72c0d4e-b68c-5d41-a4a6-f3c6d1a23d3a", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:93a2111a-7457-5eab-a921-d17d832c0299", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.3" } ] }