{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:aae3afb1-d7e3-55e8-b84c-c02a6a211eb6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-validator", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c634dde6-12cf-595d-a6a3-713505eb9dee", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b08b7b5-6864-53ab-bd22-99b332035b36", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b8d7178d-21a8-5ab1-a2bf-8ad2ddb0a1be", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:de61a8e7-1cad-5cd0-9c4b-77de9708980d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37e8d8d0-3cd3-5740-adba-3d3ac8ed0334", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:959e1a97-6f7a-53fc-8f3a-340c1d5d1d86", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a9bccd99-8ff6-5e20-95ca-4ee9b7d13271", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d705b59-331e-5bc9-a5f9-63c47b979776", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:90415c74-33b3-5b2d-889c-f4fe8686d0a4", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c011452e-420d-533c-a37a-b3fe49d47af4", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:da4e16ee-7eba-573a-b964-f50f10113274", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2c43707d-5eaf-5474-999e-74e894c1bef0", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d9add91c-c3f5-5205-8a06-a17bcd217e58", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a3e43482-de43-58f2-b765-831f2664fa03", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:10c8d06e-d45a-54f6-95dd-d48951db59cb", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c3e88ffe-d58d-55bd-bd42-9dfed0157ba0", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:30b911c3-cc5e-5fce-ac75-bf12cc1b85e1", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-tools-validator 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7263999d-72e1-51b8-beac-5bedfcaaf23b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ab32e9df-a312-5d4f-829d-23b6673a20ba", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b1b1070b-6213-5371-9b09-2b7e5a9b1c8e", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:40106a89-4600-570c-b1f5-2f64967a0240", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1d3c18fc-f40c-5c6c-b9e9-43bf1f297262", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ccd1bd40-4fbe-5593-9a76-ee4447cf616f", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ea2e2ffb-a33c-52b3-bcf2-c3981e40b9d8", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:95222b05-700a-5873-b546-54c8acba04d5", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fb468562-6847-53ac-9c6a-6740e38e1448", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-validator 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1e7579e2-11c5-5129-940c-150572d499d4", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8f5e1deb-39be-526f-992c-fc71192a2cb6", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fbb9d90a-fbae-5869-b5fb-236f8517da55", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cb4ed3f1-7d10-53cb-bc03-53ab6b30dd67", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-validator 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af3369ee-a64c-5042-9a37-b4910fdaa8e0", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:697ad611-cbc9-5c7b-867d-275a08598a1e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a38d2b8b-23b5-5a08-a793-d9262873045f", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a563edea-7444-53a5-a77c-1758ee50a8d5", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9-tuxcare.3" } ] }