{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:7b18940c-bce5-58f4-b648-ca2a26c33eb2", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e4ba706f-0d75-5a9e-9874-e3211f5f1490", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2f24c774-35d5-54c2-b130-08cf67fa8688", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:41605eaf-aeab-5a50-a8dc-ad5aa7d04549", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1a9f303c-fcb6-5bb5-a029-a8ec9824b9a9", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b559611-a671-52b8-9357-daf1abef6463", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0336e660-5c7b-57f0-8ea8-006c09f8873e", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:37553c5f-cc52-5bc9-a89d-9de1c9f9be48", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5cc5c64a-0add-575f-8df6-8e4887a1ac72", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8c9097f-6db4-5aa0-8a50-2076f9e35235", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e90486e3-f572-5007-925b-d759068203a4", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bb79e4ff-95f7-5882-b554-8b4579ea47cd", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6e043ecc-b9d0-5a9c-b8e3-7647edfff6ff", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a1588fa1-6bd2-5ee4-bcb2-170beac38ae8", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ff49db1b-2b07-5b29-b37a-0176878295c7", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7c3ea831-8a7c-5be9-8d9f-9a38b0b19775", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:63c49c93-33d2-52e7-95e0-529b3fb82307", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fda564f3-fdba-5a8b-a1d5-6b5b90c6b817", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2eed872a-7f90-59a2-9bb6-35bfd76ddb39", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:91531afb-e51f-50da-9397-5acd90676129", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:39b8d05d-70d7-52b0-9eb8-a9e6bb35e85b", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:16401296-82eb-555c-b644-01fa615cc2e7", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:13b03fc0-fce5-508f-8eed-e6ea57bf8e35", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7f76acf0-44d9-5dcd-9b84-5f5fbe42ee40", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:56b3aa0f-1de4-5b56-ad43-708b5fb3c0fb", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:674c9962-a873-5baf-a56b-fe636a05a131", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1204427a-7703-5f0f-a865-60707f80ce17", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f8bad4b4-3c4c-585b-8953-c63e5f5108bd", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7988d66d-80b9-543b-87ea-44e949de62ed", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-tools 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5504ea21-0d98-59d5-bc14-5cd6acb89279", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:baa21e85-d713-5580-936e-e46d521d5f91", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b5ecfc6a-7c1d-522b-9fae-b977b95e0041", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ecdc6781-3f55-5606-82cd-53161d8df0b4", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.3" } ] }