{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:52c0aa0e-023c-55f3-8ca3-24ea865a1d56", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-javato", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3ae7f1d9-d199-52db-b5ef-3cdb7e72c24a", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:68dd9dd1-3b5c-5a7b-8e96-5ac9c0e82ce6", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d2792aca-b1ef-5011-8e2f-0b7ac5160948", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:34e0f868-81c2-5251-afb7-888f8f193523", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2d38b0ad-541b-59e3-8f17-9e8b59192545", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:54562b97-27ae-5645-a8f6-a46d731320f3", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:065daaf8-aeb6-5bf7-b5e2-e90c995ec73c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06a941d8-256c-514f-b616-9bdc6eeb7ba1", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3013a369-4e91-5853-b11e-b8792d40bf6f", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3d9826f6-d802-5b38-aad4-2d4dd64573e6", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:90c1cb65-ef17-5428-a044-e4bb6c7354c9", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:586bd1c2-447b-52ea-b803-74dba0ddbdf1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7689ac78-4842-5b8e-b5aa-1e2fc8dbebca", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff372aa0-5def-5762-b2da-864755701601", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e97d7007-1a63-532d-8c21-3fcb131567df", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7fd426f2-26c7-598f-891e-e2c05dc3628f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:383c38db-7a19-55bf-ad2a-8e3756b3d220", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-tools-javato 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fe49a245-db1e-5d9c-8626-0d5985530a92", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:18b9acd2-5aef-55cf-9503-9a1645167819", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e36d5097-d9a6-5a9a-aba5-a85e39336cda", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fb479f75-25d5-5771-be2d-920fa76a0b33", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:32f8bd2a-c0c8-5449-a3e3-6ac96ecef5e0", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8111889d-bba1-5876-a31f-4880c48ee9ec", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4018a2ce-17ce-5b12-9584-4a963c868546", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:827320be-a86b-5952-b385-9d8cd7ceca86", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:50fee677-a781-5ef9-bbf2-485bfa4c32cd", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-javato 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:00cb7a0d-3031-5b16-b3b0-e9774d1a9053", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2ad90a05-8ca2-5df0-874c-d1c6bdb42140", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c461ca4-b195-5f93-b27e-a34873bb1279", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:19927cbb-eaba-53a8-8823-fce40b73b1b5", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-javato 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:45fb0786-6e1d-5584-9994-38c6702ca77c", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7aec7358-6c05-5783-8473-0872fc285738", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5be7be3c-423d-515e-96de-66df0b279638", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8faa72ee-5351-5fe8-af7b-9207f752e2fe", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.4" } ] }