{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5537ebb5-5c4d-5a3f-b26f-49e63a13e5ca", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-validator", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:562b8e1f-5239-5f08-a7ac-793f54796ff8", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:debe2feb-6223-5ade-a154-69ddb2ddb050", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5ea08570-63d1-5e69-8c74-8c78289ad26e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:979344b4-739b-5ba2-8e08-96cb1c7124f4", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d5c4755a-3e21-5b8b-90d6-7180393947ed", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:92066ef1-dd37-56aa-957c-1ecee1cfb2c6", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1aa0e475-1c33-5b8f-b8cb-ef4acedc6231", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c4e3dc1e-d13a-5418-95e2-19570147305b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c3552c54-4747-5859-9869-c2ad894115af", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f607c91f-a90c-5c45-a5dc-53e5492d55b2", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:118358b4-2c52-5034-b7fa-1c34882d4f03", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:275287ed-ad4c-566f-9d70-17e98fbc7cbd", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bdecf289-366c-5c6c-978b-a2da2fb17f51", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6c8f5436-5a97-51c4-a1de-9360bd6d41a2", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7d7236c6-327b-5de7-b4c0-4f1f53333682", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f2014088-a2d5-59e1-8dd4-506a22f71f7f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:032b4550-34ce-58f7-98c4-6d9a78c7ed0a", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-tools-validator 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:886b8a82-ed14-5ceb-8ce0-06e0efb09fc6", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ba021c9b-6f02-5736-a82b-420781b7131b", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7e1062d0-f8f7-509c-a35a-a1c93b6f13e8", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8f68827c-9350-59ea-8101-c0c0d2f13207", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7aa7f531-3cd2-5d26-b61d-7ef4a8d476b9", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:170a19a2-513a-5924-b078-902073599078", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:81f31df0-e02b-554b-9a37-ed705dedaffd", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3bdddc99-00c0-5f7c-b1d6-8a88fa7b8ae1", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b2c29fbd-b9ce-57c8-88ae-589fbe9a3cdf", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-validator 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:21891d5e-1534-5427-a46b-8d6fbb3c2b0f", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d38ba668-05dc-5780-a3b3-4567fcf21695", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8d108c70-8435-5d45-9ed6-105788b9da15", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b0e30bde-6d4e-55f0-bcb8-fb4b3ba821f2", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-validator 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:72c1f18a-7950-5c21-b30d-aa5bcec7a615", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e227894d-2c25-5876-a975-d50aabe301c0", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2047256d-a4c1-54a6-8ef8-34b5a10cb6fd", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:482bc3d3-eb51-5471-8f46-554b834570e0", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-tools-validator." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-validator@3.5.9.tuxcare.1" } ] }