{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9c745ace-6443-5f01-a62d-7306464d616d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf.karaf", "name": "cxf-karaf-commands", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b5c451ce-410e-59cd-a3f7-e51ea4c0d3de", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7ced23ec-0411-517b-826f-a6cd19dedb35", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2b18f52c-d912-521e-a3b2-bf60b2613a4d", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9b9470cd-f694-582a-b406-d0b4ddd91ee5", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2abf8462-c8b9-5851-ba75-fe217e0c9d2a", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3b40f056-9010-5df0-947a-9512f21d26c7", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4e33ce9a-103c-5f9e-8345-a22c376a6e83", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d5e7027b-86f8-5630-ae40-7758c3c2232f", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a358c652-82ae-5545-aaa5-330ffb293e8a", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9a18be24-1653-511e-98ce-f02a6412a656", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d41d5e36-fcbe-5739-8113-974c21cd3a58", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bebbf792-c236-5560-9931-e8177650e4df", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b14b2f3b-64fe-549d-9aab-ec8d9a2e94ce", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:34484dc7-2f54-5163-961f-59d703854227", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c6654664-f428-5cde-bd33-68bf00b05291", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:aa18d562-8acf-5286-a3d8-425ff10683b2", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ea7ae1f1-cb79-5e80-8a4d-1be27246e307", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:58e0cf9e-f03e-51cc-be64-9629a6b1207d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:64ad2252-ddee-5ff1-8fa1-ec8be697e0be", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8ea9f0f2-0012-59eb-bdea-6dcaea0e8c74", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d94f34e9-d529-5c81-a3f6-076a7c572fba", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bada2d55-251e-55de-b515-8d6c23f982c8", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f332baf7-c308-5b66-bb01-cfdcfe0d8aa6", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ab1a9d10-074d-5597-b958-be0daac93f92", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4ce21884-c386-5b00-b844-f859c69b9d0f", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2fc3380e-c3f2-5008-9bea-ccb363e82bd4", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.karaf:cxf-karaf-commands 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c00d97ca-ff79-5587-8c9c-c2f28e5fe2e0", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3298c364-7354-5fcf-b0f5-ee48b2140138", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.karaf:cxf-karaf-commands 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a029a85f-b241-5da8-aab7-19fe06e1b6b0", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3006f993-d914-50d0-af8b-7de7d46eb208", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.karaf:cxf-karaf-commands 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3e23a1ea-b024-5fe3-a3b9-4670a334ae8e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b9525955-3f8f-52ff-b502-0d5633e7eb85", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:cxf-karaf-commands." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.karaf/cxf-karaf-commands@3.5.11-tuxcare.7" } ] }