{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:509139dd-6575-5f84-bc32-5fec1e71b3e4", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-parent", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:5deab479-1ad3-5aef-b704-c59e63f775e3", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:53c01623-8fde-5617-8300-df68dc8b84f1", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e92824e9-ebf6-5c8d-9aad-b90551b4e668", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3d2e91c2-fbe5-5374-8f62-9e1607d4a002", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:513c2682-a8bc-545c-8398-968ada5c28ea", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5d05fa1c-f2ba-5519-b0a9-81fe2320747b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6281222f-3fd2-5ab5-ac3f-e452610c8678", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:93026d9d-dab9-5722-90a7-ebb6ff351ad9", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3764c21b-407e-55f6-bcec-4f2913419dbf", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a679ae14-b147-5016-86fe-c469c02bcd8c", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:19fbd6bc-00e8-5d9c-9d58-cbb02bbdc7de", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8cbc8f3e-4d1f-5e4c-81e9-8b4ee2eccdaf", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bc810e95-2e26-5ad3-b44b-2861b563f2ef", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8b0a3ff7-fbf3-56f2-bb5a-cb46f788b117", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bd75fb15-5d51-57aa-b970-04c08d3fb76c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2f49d64d-e458-5009-977a-354406c74454", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:07c05462-402d-5fb6-a094-5a5243a9e2be", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-parent 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c1f307f8-59ca-50eb-bfd5-cfaaf6093c3b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:47dcf884-f829-5773-b5d1-ef04b90eef8d", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fceaa2dd-dc10-5186-8e0a-801a3c5c63ef", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:37e46445-2692-540f-9026-a05073f9d6d5", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b359eb0c-70ef-545d-9deb-8c64102bd141", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0dbfb772-6678-5bf0-a70a-5bcaf521e7db", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b2794adb-55a1-59d3-94ba-a4f9bba28635", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0aacff03-350f-5992-bc34-f0683dad0f6b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:048afdf9-7fad-57bd-a963-0cb41543020a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-parent 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:52e54414-5273-5417-b172-98c2bce2c34b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:62f3f38d-6320-5ffa-a3ce-466dd86b73f8", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:133a5923-c816-5620-8082-182e8818417b", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9593e04e-457c-524f-b154-1524104eb22d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-parent 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:20971d3d-e934-57bc-a7ba-6a9bfd3fb7d5", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e76a9d37-a7d8-5926-a981-b19521ef98ad", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1348860b-f6da-55be-b3c8-5a20474882b8", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:03f2ceb2-0229-5161-8e99-973033787999", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-parent." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-parent@3.5.9-tuxcare.5" } ] }