{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b6eac52e-c718-5db0-9c9a-a5d93121da11", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ae96111e-b8e4-5389-b665-0b0e8964beca", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:574ce71e-d761-5580-b403-694289cef0b9", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f56e434d-f2af-575b-a164-805f13f4d10c", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:85f17182-d022-5dde-8d19-2b6acd8991d6", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:110bcbb3-9e8d-593e-8de3-e4ab71a70374", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:80c09554-d0cc-5b10-b321-34fe72066794", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ef2893b0-7021-59c3-baac-f67ba1a3aa7d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d0061a83-c996-54aa-94ac-f766ab3695f1", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0df726d3-42ed-5b9a-b508-c7441510da1e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d491b0aa-75f4-5da8-9d20-ee218fed2e3c", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1b7aabb4-128c-5164-ac55-13e146780069", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2874cdcb-ee5f-5e7a-baa7-0b186b5328a1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c01114cb-553a-52c0-80b7-6b72c61f5d0d", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f1a5051d-cacc-552e-aa14-d9f22f59f525", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c2cf9976-fb7c-5a6c-b771-91414131294a", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9b4bdfe6-dd41-5d16-8e99-a67d07f6d911", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:33685c89-c443-51b8-b123-59e13d29fc86", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-tools 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4e8f104d-a62a-5487-9e68-2057113b5b64", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d823ac8c-478b-530a-ab28-f35ec1a9b5b3", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ed7cd593-7ae9-5aaf-ae7c-0df0c682d08b", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3fee6496-82e7-53a1-8e5e-7c08b9ecff2e", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4fa06c98-0efe-5731-ad4c-dbb908044c21", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3ef94ce2-38f1-5883-9d07-bca24c03696c", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8829605e-0f9b-5d0b-9156-3a33c3c6729c", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:91e756a2-1d8e-5447-ba2d-dc32a1f0cd4d", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:af55453f-4941-5b8b-834e-762b128e85a1", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f1321de7-67ab-5305-9b02-cb7114289527", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:385cd9fb-a742-5844-915d-39b38aeb920b", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:124c279a-fe4a-5dc9-bbc4-3193f37ece6e", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d1539ba-75b8-5425-bae8-58933859d4b1", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:869de810-6dbf-50dc-a408-39898411b90d", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fa137469-99e4-5a50-99ef-956a180afbb6", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:71a6dc6f-88c9-5e36-aa51-03b88b3ede97", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:97c30ff7-2b30-5a0c-8369-cf565c4521ec", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.9-tuxcare.3" } ] }