{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:0bf173b5-b897-589b-bcd0-0950fab3c00d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf", "version": "3.5.11-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bb75f9a6-e71a-58fb-ae33-3be73f4aa512", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2586f597-34cf-5b51-82da-19df0c41e5cd", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b14bb753-eb90-554d-b29f-5f648dcc59ec", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:54a9f872-776b-5213-a090-d3d818b83039", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8e02716d-3f6e-54cf-aedb-76574dedaa49", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:73ef0538-b646-5fab-95c9-6aa0f642ee45", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:770541d8-d702-5fa0-bbd8-7322ad901c02", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:500574ec-66a1-5e5d-aded-94b054733765", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fdbaf276-4cdf-55ee-963d-cdbf844b1fad", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1985be65-0bbf-592d-9b78-2160ef73fdc6", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e1f732fa-242e-5224-abe8-ca86d71fc2bd", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9a9b654c-dce4-5525-aec6-07f7226b5094", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:325d163a-ca49-5737-9dac-1cae9478ead8", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:90f356e8-ac90-599c-bdf7-933f792a4638", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4fe30063-81cc-51d1-884f-32a7fb1ce33e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c793f609-f42b-5298-83f9-01d21614eba5", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:af537c95-fb66-5c6e-9a89-8d10f5f7ce6f", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1fc10e46-754c-5de6-a3dd-86a6720bbc68", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a9dc756c-686b-52d3-94ea-c044b630b2a4", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:adb2a47e-1e34-5ab8-b8db-34146bf4f374", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eaff48c7-10ec-59f5-a0e0-42752a624c49", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:06cacea8-3faa-5771-a752-7fa418d1f8f5", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0c6e711b-fe78-5e73-b278-c685d82be328", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6e2f054c-faa6-5ae6-831e-5db787201e48", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:526a9fe7-6ffc-5c7c-9645-738fccd104df", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:acecadab-163b-58e2-abba-4a18ec207a9e", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:40df39cc-0fca-5cc6-b8c6-85f0e54f85fd", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:59c0d06f-ff2b-5ce7-8ee4-84702e22b029", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d82880f8-d039-59b7-905d-2fe06315fb39", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:820e4df8-91f5-5116-be82-a18cda4ddce1", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf 3.5.11-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7888c929-e73c-57ba-9868-762829d2fa58", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5f4074df-f063-5296-815e-fbc532aa10ba", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.5 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.5" } ] }