{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:4e1b47c0-416d-59c0-ac7a-31e4f2e5ec6b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration-cdi", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:3f07d8fc-592d-591e-9c0e-527a7408c311", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f32b2e85-3730-5e92-8db0-9e28102e126e", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:208746dd-6a43-5b20-9a12-24928064c012", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b6536cb2-c50e-50ed-8a12-e5fd6475c633", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fcddb4f9-2e6d-59f6-abb5-cb1b4aa3d431", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:51629c64-5f1f-5c80-b1c2-1f208194da02", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4a48541b-48d6-57b4-9cfa-c05211eb2a49", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:564411ce-f155-5e0b-93a5-5ba125231d73", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d684ee0d-a35e-59b5-ac93-c83d18f30f88", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8848424a-1071-5f66-97d9-14a951c21ef4", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6afcbc50-7960-583d-a153-c91f436ced66", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2572fb96-3f77-5003-8bfd-379ae8146b31", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1c88ea94-d0a7-5e6d-a5e2-96eae5f46f73", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f4f69055-8d2a-5b7d-b32a-d89065c760e9", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:19ecf180-dfe7-5c56-ab92-a5c01047a870", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f0e77c94-65b2-5047-8b9d-3642d5562c71", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0db33c6a-d23d-5955-954f-7598694bf5f6", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-integration-cdi 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0feed92a-ae47-5db0-b657-eb4de138bfcb", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7135b9ed-f3f2-5d33-9288-649ae8d628d8", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1a5623e3-7dc2-5903-975e-476b1c2438c6", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ff8e4acb-428c-5384-bc66-256b495c8b35", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9242a8fd-2e38-5d23-b682-a379c081cf0b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1df6f5a5-b6a5-5e75-bbf5-2a0402da81e5", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f81be5df-eade-5a01-83ce-b044dc9a08d7", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7821be59-4019-580d-b332-d85ab91fa7eb", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1338345a-28de-536d-bc28-895a4e2962b0", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration-cdi 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d9bb1e60-c5f4-5027-a974-8aa63d5bd7dc", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:283c07cc-6715-58f6-bc50-043292d7e7e4", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5aa69621-5cdf-51d1-a01b-1a6d2213e62d", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:20bbc9d7-bedf-5406-a257-198d20db61db", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration-cdi 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eadd194a-aced-5cd4-8cec-aafb5a3c622c", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:00f480be-fce6-544c-b5a7-14c0cf4e0340", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1b5a3062-06ac-5ca0-ba11-eba18ca71216", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dd8eea78-a598-55f3-b5a6-8aeeefab7d8c", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-cdi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-cdi@3.5.9-tuxcare.5" } ] }