{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d4816311-9ac4-5610-9081-ccdc9a3d40ab", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-spring-boot-autoconfigure", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:204ed801-430b-5189-9890-bdf8c9a3fc11", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:819ae185-df30-52b7-a460-d26fffb80585", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2176db53-7376-51a6-96b0-47a9d1f28de0", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6277be9d-8014-5bf0-a7e1-f360c085b3f5", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f4b839cd-8f4f-5b5c-bcb5-5bb7c84680b5", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:39c47f21-fb1f-596e-9048-37eb58a95a54", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4aa67d12-414e-5dae-9fa9-ecff56869ef8", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3f9bc65c-ed99-5d23-b655-037d31a701f8", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:accf35c3-c03f-5358-8666-9f0a602a5192", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:715af5f0-b053-50d5-8cf7-09af50ab9056", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:313b08b8-3504-535f-83ae-ac665929f004", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b7e34365-e7f0-5eb4-b4fe-ed8fc09c634c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2922f3e5-359c-5ce4-bcc7-05d13c217749", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fd51f257-813e-5183-b058-04435e803b3b", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:73a380b1-94c4-5757-967f-1a14efa21e18", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fca7f593-beda-5065-8196-150dbf845b40", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3fab5af1-09c3-5685-b446-f449f6924691", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f9f2e51e-20cd-5963-8361-96fbcb26c1bd", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c61e4185-ea66-55f8-910a-d1d60a47551e", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:51f86378-e30f-5b47-8fa4-a8b21af30ff2", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0a37a17f-1d42-59f9-aa81-55ad4b9c2878", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:789ae4cb-cfd1-51ef-af98-d6346a3ff597", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:94b7bda2-d86e-5b8b-ace1-ff0d2f180a8c", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7163c672-1bde-590d-905a-223989f7ea54", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2f8e8add-5337-52f1-a7ca-3fa47a908fab", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d699b708-dcf0-59dd-b968-b6fba0fb6713", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-spring-boot-autoconfigure 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6e530a37-e7fb-5c88-b5e8-ce7186c9548b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ec8cb796-39b2-51a9-add9-b901db4df392", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-spring-boot-autoconfigure 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f8c4400c-14a2-5fd8-938d-ca99a809c13e", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:316c81de-aa13-5369-b1d4-c882918c9ea6", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-spring-boot-autoconfigure 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4bf99284-b38f-5079-b264-7989912ebc15", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d085ee58-7086-5b47-a09d-4273b4fb6e0f", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-spring-boot-autoconfigure." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-spring-boot-autoconfigure@3.5.11-tuxcare.7" } ] }