{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:433a0a80-3caa-588e-a6a1-2bdb6b4e1741", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e4eb836f-2f2c-5ead-9c81-0e08cb652e17", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3cbea705-9095-5d1d-b0e5-d48ff4fac70d", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b1b7c033-c572-56c8-afa7-cbe988a3670b", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6e9e7c0e-be14-5ba3-a39b-ed2e5b4db54e", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c8ccc997-b6e8-5e92-9bba-1739fe5ab667", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a862c6f8-a39c-55e3-997d-02b557c9eaa9", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d50d698d-c801-5907-8fab-ffab943d3610", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8e187d44-afe7-526d-9921-187539feb0d9", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1bfcf2d1-021d-5b0e-8949-a60a143c94dc", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c773dd14-f033-5cf2-8910-ee9120cdeed3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:dbe4e9a7-f549-5ae6-8967-43334bc14bdc", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ff1aa427-9755-5b36-9be9-91ecc8868b40", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7a47e9bc-980b-5e68-ba83-5f6784ba5ac5", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5c93ed0e-dfb2-5cca-87cc-f1772c9ed1fd", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:dc94eda1-2c49-5412-a3f8-687b6553bffa", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0b257e76-1b13-59a7-b3f9-c094015d90b9", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:dfae52e3-93a2-5ebb-a41a-a1c74aee78bf", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e6d5aa9f-e8ab-519d-ad48-abe34b7af418", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cad0a571-47b1-53ca-b4df-d76c9f359c7f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:77b2fdeb-ef56-581f-a092-12a350e6c8b5", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:47d8e22a-7f32-58ae-9edb-e216b8e97542", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6caa5139-f737-518a-8cbb-73397083696a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:895361d2-3716-5f34-a452-4f67cb49472d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:81898b5f-5c36-57d4-984a-e0ede4475b67", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0fcfe280-3933-5cfd-83f2-e51e25cf357f", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bf03d291-6c65-5e77-bc73-dba25c8f1429", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:54918e20-2710-534e-8317-133e34a7081c", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:87b0c6ba-c815-5931-bd96-e3b8d1c2390b", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-tools 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bfc9191f-36b4-5ddf-afb0-74e8e50d14a5", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:197062cf-5a0e-52fc-8463-8e4595663d53", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a37456c2-0d97-543a-85ca-ae458b8818eb", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:91d79ac4-4691-5606-94ef-ae9ebd40fa76", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-tools." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools@3.5.11-tuxcare.7" } ] }