{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8c9d6d1d-1cf2-5535-a900-8037122a7139", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools", "version": "3.5.11-tuxcare.4", "purl": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3b404483-597d-522d-a253-cfaa9f1b8538", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:13f01b3d-707d-52c1-ad35-6c306ca340c3", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ad2a18c9-4471-511a-bd87-27c9c1b09908", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b975431d-e8d9-590d-b14a-a9949d771d66", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:313a284f-1e95-5c75-b9ef-d407a9147988", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d887ceeb-cbc6-575a-934f-b08519a7ad97", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:059246c2-31e0-5b59-a166-eb335665ebb4", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25e85880-ab8d-54cd-8b2a-fdb96fba8025", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4756d5f1-75e3-593b-9cb5-833578c69a7a", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:25787c82-fb7c-5828-8800-4a0dc1578df2", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c97a2aae-3af8-571d-9fb3-5f3602f0b868", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:90b767ee-c130-53e5-9731-f66550cab86b", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6cba9114-cc98-5e1f-83c2-c3fdb736ee37", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b7917816-f0f8-5f02-92d7-a376a62def66", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d0f4059e-9aad-5220-a8b5-e8bb85b1b3b1", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:73c4bebd-deba-5c48-9b0d-381574b35df1", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e129efe0-cb02-5113-b28b-062591e157bc", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:db3cab3c-af0f-56f9-95c3-5517d7719645", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06f174b2-059c-5e27-9dae-a1fe7cd20837", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:db6a85ed-dd41-5dec-bb1b-547e7a4212a2", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5aab10a2-27e5-5139-9137-25dfd125d395", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a501311e-9cf2-5ade-9aab-8bb01269086a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0327f2f0-d59f-5afb-8c3e-590d79c66b84", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ce2656cd-f877-5b75-88d0-6265ae06afa1", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4e07a557-527f-5d46-9451-d295aad4ee2b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d03e3353-b543-55c9-9ad9-dfd7a906f657", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d3da6c4e-0e31-5159-8e60-a7bc0b2eb872", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:104cdbeb-a152-58de-9904-774b8c380fa5", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-tools 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bd16813d-aca1-5b57-bddd-f9cfda238577", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:21390ce2-000d-5e3f-b25b-cfcd5ff580fa", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools 3.5.11-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fdb7324c-0904-53c9-956d-302448a5850e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:abec2954-fb74-5a4c-bef6-f382849ac6df", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.4 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.4" } ] }