{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1ac0086d-d114-53a9-9a17-442392b7885f", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:efd721a9-b5c3-5104-8514-586d1fc5edce", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d76671ae-dae4-57bf-8cff-711d8088f8c2", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9496c96a-8a9b-5c61-8169-cd007678df56", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c0dbd099-2862-5cd6-8e81-ba7fd5bcd703", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d8130250-8caa-5a17-817e-353aa417dab3", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7f5422e9-1494-5126-94da-b79bdc041c36", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7c92256f-29d3-5ab2-b8dd-c2d53339c852", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b0d5e8ce-d464-5b54-baee-85c9983ce9fc", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b31884b1-51b0-55b8-b98f-f120e915e1c1", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fc20cd77-6038-5467-95ff-4cd7b68e3c13", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1ecb3e27-12bf-5791-add8-b2e52b7fa590", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:81014517-d847-522f-9215-1a4b99e2f85c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fc17d75b-851c-5847-a57e-280662452430", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c86205b3-c76e-5978-a8d1-989bf1bcdedb", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b73a7002-b6ab-5ec8-8afb-07bd8382d29e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8e86feae-c8c1-512e-aac9-cbc85a6732eb", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:599e92fa-e1a9-540d-98f3-1173459420ff", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-integration 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5b903a45-5cbc-5467-b32f-87d32d557a38", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:63562082-2459-5fcd-b175-dfe855fba4c9", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:051dca9c-ed86-532d-8a5b-c9f32964d6fc", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c2ee83ec-ba62-523a-864d-146071c1804c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:74f5063f-6010-5f97-a45c-8dc09737590c", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cae78713-2e5c-529c-9be8-44cb33f33820", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4ce04b9f-6f7b-5831-a894-609f365d3a6a", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c0eb987a-359f-5789-b66b-c0648f4aa6e2", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b6c2536a-fb26-5c90-a010-519314c0a794", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7cd55dad-a483-5bd1-8436-c202ffee16ca", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eaaee983-4389-5c4d-8fa7-3994fcba5af1", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1c3be470-e180-5ded-8610-690280d3e4ab", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d1e577fd-6e60-541f-9066-28c970ef29f4", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4ef65db4-5069-58b3-b315-d8c32ab5ca48", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7a14b7b6-659e-54a5-8835-743f9e86ea11", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4e2c2cdf-5085-54f2-9db3-27df8f7ed8ea", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8b705159-293c-53a4-a7b5-38874e18612c", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration@3.5.9-tuxcare.5" } ] }