{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dceb4b21-3bbf-5074-a135-3b109edb25a7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-common", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1d6842ca-37f2-5c12-a6f9-f8052805da32", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:192d50ba-ed1a-5793-835a-edd7ed9fb550", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:dfd75bf4-3e05-5705-951b-1c657d8d1ccb", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2a9b9e7e-8051-5369-9388-2a0317759fd3", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ee74242c-803e-560a-8047-503c0facf36c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3d2dd3ea-0534-5a1e-afb6-342bac637caa", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fec1d44f-ddcf-5c15-a84f-06692f2095ac", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ef66ca8c-cd38-5a87-9dbb-288a69b3e052", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a2b22f3b-c026-50f3-8315-e253ad5eee8d", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:20b1feb0-e44f-50ea-a009-d8cfe522ee86", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fb77f7e5-a96b-51ef-a869-ae69c0843af8", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1c0b0448-3e7a-545b-95af-c6b7c0cac0a3", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:96a3b11a-d220-501a-805b-969ff685bc14", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:58a7a773-4dd9-5058-bd8f-f40565575032", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:157b3490-9682-58c7-8911-6b8b5331b0b9", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:25eac661-9205-5493-950f-c5e1e40370f5", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5f5e4475-4f34-5406-9c1a-c7b35d3d580d", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4f07becc-1c97-5aa1-af66-25ea70f183a1", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5c3f3154-80bc-5a4d-89d0-4664d8ce0efa", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bb9fcc80-2bbb-50ed-8054-b49389a49031", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2ee9a44e-d0c3-5ebe-8579-5afe97337a7c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:01c231fa-fa49-5c23-823e-dc9439d7938c", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e94ca714-f847-53fd-b291-2c67a9d0360f", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:41c2d686-d9e3-5a02-8cbe-50b37050fcb2", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9cc3f6e8-851f-5875-b30e-bb72cfe18fee", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1fa70206-91d1-5af9-8445-f6bf0139c562", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-common 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fa0748ba-4314-5ad6-9447-d773b5d8481b", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7d56b0d2-7fa1-5513-a369-9f3d1d7016f9", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-tools-common 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:49d75281-ec3b-57a4-a040-123066db5705", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:dded7f82-f2bc-586c-be4e-4fab11c1f390", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-common 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:09c941a8-4ff2-5735-a7e8-5df052fbc049", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e4c3cbf8-c1db-5840-8905-f5839d261832", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools-common." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-common@3.5.11-tuxcare.7" } ] }