{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:46424067-f5a6-5374-be4f-ee16eb80cf11", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-javato", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:42a2f629-b96c-5228-86de-b0f58081cc08", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a901e277-ee80-57a2-a524-b22f82136549", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9c10693e-c21e-5ec7-83af-a2170e1dbb77", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4af09a55-05b0-5990-a5cd-237598381b74", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:41827cb1-37f5-5e6a-986c-d355c31eed20", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c5d4d350-19c2-5665-934e-09fd4dc81251", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:44e38b0e-29fb-5d24-90f3-12d41956d23c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f14a53c0-f4a7-5368-9c83-be35cb78706f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:80a906b2-76f0-587d-a0ee-15c942a3325e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:866d3be3-6288-513a-9e08-27a5ec410e2c", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2356c37b-b486-5176-a7ed-6b2d3a84e02e", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:66a83086-01ae-5b1a-986f-b489d102f328", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4e119ad6-2efe-5bee-ba99-10f40e744c00", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f33bc2b8-f066-524d-8168-17e2f21d80d7", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:482ce114-77a0-5add-9ece-27709d6890a4", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:88fa6778-f2d7-5912-baeb-e846e10ccc98", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c683ab2-f64d-546e-87ee-f03b54b1c7b1", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d3e9456d-ef10-5bef-8490-5f2634c1703e", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4fc8998e-943c-5f70-9dcc-3a6bf3182fc5", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8451fb40-8242-5e7b-87e3-2b0ff359965f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:89fedb6d-202d-5b63-8bef-3ec51c1e23dd", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:261a071d-78da-5ede-acf3-c9e4d42859bb", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aea9f611-5285-58f0-af77-e76e827a589d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ee23e89e-5198-57ab-a6fe-6f10df5a808d", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7907d93b-afe1-5ecf-91e7-e11a061523e3", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ece2adbe-72ab-5389-8b9d-77098a65935d", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-javato 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:71e1d29d-03b7-54ea-ac0f-3757f167ef8d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ce695e33-093f-5091-8523-41c01158cbb5", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-tools-javato 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e17914fd-682c-5f39-87cc-d937d93989d1", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9210f07e-00d4-54fe-8fba-9a59b85fec20", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-javato 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:38880896-1ee6-584f-b169-d620da823da2", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7fe3842a-6995-5910-80ba-4303ec6bf747", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.11-tuxcare.4" } ] }