{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7b06d760-b207-5e60-bd23-bb76616a639d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools", "version": "3.5.11-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f0b27601-5349-5c70-855a-5eab0261fd0f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6aad11fc-8ab4-59f5-bb5f-df875ea9fced", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:23e089d9-17f9-598f-ac04-9d3626727bec", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a6f114c4-3a2f-5b30-b43f-73ec0a3df48e", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:091ce7ed-071f-56c6-8d4f-8ab6dd3a11e3", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:eec61171-bf78-5552-af95-d8cffacf2d85", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c15df100-7e2c-5caa-994b-0ff1195a6bc0", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4721b47d-ad81-53c7-9d12-25f1f1ce23c0", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fdbdb00d-0e42-5ed6-85e0-69d2921c1b69", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fa14b5ff-ffcd-5a4c-8ceb-580fd5727f89", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f1b99fc6-ed79-5b5c-a450-9e9357362af0", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fdec29a9-bcc1-5175-b5f8-e0c50416f344", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:077c5a64-d5d9-5e0e-bade-eaa6cdb162bc", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:71449c4a-5400-57cd-8406-b59d370cd7e8", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:467e35b3-edcd-567b-a1c0-7a2f9c13f7cf", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:22e7e494-e6d7-5981-8e90-03f3af3b6bd0", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:abfd1f8e-76b2-5dfc-9053-8511d5352e7e", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9562b4ab-4b70-51c5-b210-c661ccc92dcd", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bd835946-adba-5712-881c-5cbfe34bbb13", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc558bf8-2bfc-5f4f-8c13-14003beb8a44", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e781ceac-ec47-545a-80d5-37f00556f2d1", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:31e22e66-af90-5fc5-aa46-201f96ef0e80", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c81ea71c-ad75-5b8e-bff2-66959afebce1", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:12829881-22cd-56c8-a39a-3db636d274d5", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7aa214bd-1666-5f02-b9ba-e1b735bbb162", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c7fbc487-d97b-5600-bc26-86c8b90b8ab7", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ae7e9647-c8ed-5eda-8d82-a46489da01a3", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5bd8954f-5c01-5f67-b906-f724aad0b757", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-tools 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e4a5635-ae60-5f42-bf20-8a469d165eba", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3e9a1854-d872-5f78-a953-b5c6b3b6566d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools 3.5.11-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:50032784-d470-510c-adfa-c4b85847ecbb", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1a6d2043-f558-5954-a1dc-6caa899bd988", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.2 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.2" } ] }