{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4acf152d-ec53-5d50-8b92-7185d0203660", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6", "type": "library", "group": "org.apache.cxf", "name": "cxf", "version": "3.5.11-tuxcare.6", "purl": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:25030a32-47ca-5394-bbe6-7cd96f6a0b50", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:dd35e3f1-31c6-589a-9a98-3cca6e08572e", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:79d81419-cf05-541a-81fb-ffc4a60aa871", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:09bd28b8-09b7-566a-890d-a0c37a344053", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:021e25bf-7e70-5e1f-8f11-e157abc31f68", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:e68e52d6-40a2-5294-859d-8ef4c8cb3e9e", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:98772eae-9c2c-58b3-bd99-4408338db092", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:9b4eab35-14a3-50e8-be79-083944a9f7f7", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:67bcb95a-6baa-5c0e-a1a5-57433becd83e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:978f3c9f-ad49-59d7-a290-a8990e8450a3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:7a8b53f6-c15c-5b4a-81ef-8bc8f1b3975f", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:ff468f59-3db9-5925-ace7-4b8ae46bc2b8", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:c96d51fc-cf96-5684-b2ee-6bfb54214f3a", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:f4d7536f-fad6-5c65-bcec-6bb8caba4d6a", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:4f360ef1-7a38-50ba-b696-d8da4183e611", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1a7af871-1ec7-54e5-8c46-cb5b1519292e", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:94c2008c-fcef-566f-91c4-72ade29bea08", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:07273426-a395-5bde-a576-064558a7406b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:00dbd756-53d3-591d-80dd-904682553d5a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:2b2628b7-f885-5075-b0aa-f71a983402cd", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:19203609-cfcf-528c-b693-d50f94ecfd42", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:818378ed-302a-5d1c-bbbf-b2e96be93813", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:99c547d9-2aa9-5750-9338-6d4c533741c0", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:07a558f9-00a6-5ebd-a384-c23062b082af", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:de0dae50-7f3e-53d0-92a3-a7946b200193", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:5575c3e0-9d94-58b3-a1ea-04a0bcd7e84d", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:89a9dbdb-394d-50b8-9c05-d60c3b282502", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:6efe65c6-9202-571a-83a5-36ee6bc19085", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:050474ec-c158-5af2-82aa-81cb89b004d0", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:1f11dc40-a7ec-5064-85d8-922ac893ff1b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf 3.5.11-tuxcare.6." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:d17e8196-b01f-503e-ad12-7ea5d1524c34", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }, { "bom-ref": "urn:uuid:0145d135-5b03-547d-9c15-f549cb3e5d46", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.6 of org.apache.cxf:cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf@3.5.11-tuxcare.6" } ] }