{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:343b5380-b030-58b7-90a3-0a6efa8d0bc3", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-parent", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:50d8db51-6341-59eb-8045-aad309555dfd", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cddff03a-8f00-50c3-bd49-1862ad533f50", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9c167c16-4e1a-5e91-8010-27ba6dcc88b7", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:61484e44-6cbb-5b16-9139-7b743b4bae04", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a846d686-ff1c-57e3-9074-805fc289e1e4", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ae586dab-783a-5e59-809f-4a091dfdce22", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:41ac1307-4ab6-59ea-9bf4-8c4394be793c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ff6f81a2-e9b9-5ced-85d1-73abc3af1599", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:08c52b2f-15bf-509b-baa5-1c1ac14f8d9d", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:09652cb6-ff18-513b-80fb-3eb3a2b59e11", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:66440493-73ab-53be-872b-cc2548e29866", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cc7c3aad-2ca9-55bf-add6-025ef0a27af2", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d00b1c0a-eb46-5ec7-aeb7-b8a9cbd35b7b", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1f5a9c3b-223e-57d1-bdd4-f333f2e73344", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cc0a8934-bbe0-500f-ae48-b1d2ae4c67e1", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:aa96e7b0-a653-5bec-aa56-f03aefa1b669", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:91c15eed-b0f4-52c0-9eb9-5709d2df397e", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3aabee1f-b426-502f-8a4b-94588e15d042", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:93468cf5-4542-530c-9751-cbf923e46d7d", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d23b7f27-e7ca-55e3-8094-594dbaebc34d", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fc4cfb43-b05a-51cc-b320-82ae55f302f7", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:29419922-2f91-5b60-b1b6-1eab46ac12e5", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4395bea6-bff4-51d2-910c-bc04263ffdf0", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7c29fdb7-11ba-5eef-bd12-03569f147c83", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1b3a6ed2-89db-5159-9b84-db495f608766", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3077464b-7be0-5011-a3d4-6fbc64a14731", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-parent 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bea8edf2-6cbc-5942-b88e-3ca6ab313aae", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:417d869e-e041-5929-8147-f73edb5daa26", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-parent 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:92439cfb-6b70-5319-8155-b823c013b808", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:62c6b28b-4898-5841-aaea-f9946740f3cd", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-parent 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:eae852a2-16b4-5a9b-b7bd-99c16658f4a4", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a61d8c01-6ba9-5c28-b562-c57c17e15c97", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.11-tuxcare.7" } ] }