{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:ae43e6d5-ad3f-54ed-b388-d40b3f392a41", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "apache-cxf", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7ba021bd-3aeb-5da5-b946-b5f0a0b49da2", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d03b90ab-8bc7-528f-a590-e16649d1b511", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7c949cee-3302-55de-a749-30a6459fba5a", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:34c025f4-01bb-5cc7-aef3-f0b8a423d364", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2e32093b-eb3f-5b11-94a4-6be78a7450c8", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7f58c4ec-0117-5ac0-93cd-62cedd305c99", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:21f6a195-9a64-5545-81cc-da9bca281303", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8ebb6eaf-9bf0-5cbd-9198-1fa12169182d", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:184417d4-45b2-5975-a4c4-09e5dc47eea4", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4c0762ec-3ccc-5aee-a807-54e3564ca85d", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6495f8fc-5308-500f-9b83-60dcc23766ed", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:13c89f6e-03f2-5543-af01-795972ce5858", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e08ba57f-c13f-5ee5-8d83-6cfe4812f43f", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c6889258-49e3-5601-8526-4e0bef14c1c2", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3f1932e4-fb3c-5fa9-ab1d-43d703cc7441", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:edb4940f-7dbf-5dcb-97c8-218dacae7844", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d80b2c0b-16f3-5229-952c-c09cb125d1da", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:eb704e5e-722e-56ff-ad40-bfb8a887442f", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3373ef36-f998-5afd-b0bf-70df468a9980", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6232ab47-638d-56b4-b20d-0ea8a1ae8b2f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0f3210f0-df83-50fa-90b4-db58249d8829", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:df942afd-2576-581c-aaa4-4e0cb4a2f1d4", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:52ba706d-2dfa-5fb7-99c6-be5e72c087ea", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9eab8b92-8325-5b5e-99fa-450d66cca247", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:696f3645-4436-5e69-a863-9d5340381033", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:33f17567-3c30-5219-ab14-98484c943387", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:apache-cxf 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:965d53e4-8806-538a-88e2-6ded77681d3b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e6eea661-cac4-5f7f-938e-97472dc7d367", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:apache-cxf 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6b9f475a-e662-5ee5-be17-6a1c49e29c98", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c5a12b37-d876-54b6-9172-1d062ab0ba83", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:apache-cxf 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:288f0904-2068-5157-adb6-47090ca3665f", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3031ba89-6dc1-56ac-b5ea-2e0964b1754d", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/apache-cxf@3.5.11-tuxcare.7" } ] }