{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:18c37c0e-20ec-583f-b8f7-616feddca134", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf.services.xkms", "name": "cxf-services-xkms-osgi", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:081ac43c-cb6b-5644-8632-d821f06d0235", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:53944619-68d6-5e4e-bd61-05bc44eac494", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2e3b2ad8-7df9-5369-8d97-511e3aa43fed", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9894f578-5f4a-5671-affa-74aed691a723", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9ca130cf-aa91-5578-8e4d-6f7590acc2dd", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d289082c-0149-5828-a716-f6de8b9abd30", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5eff289f-cfa7-5e76-a699-33faca95d3c3", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9284d7d1-d56d-5ffd-99bb-06e67df866ee", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:522f4ece-59c6-524d-bb8f-f05f25ba9448", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:439007ea-ba4e-5718-9d03-009ecf09df80", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:844237b7-f6a5-5eff-b551-bf4300e24994", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3de48f68-1ca7-58e4-9aee-b1d3bb9a6fdb", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c77314cc-d55c-5faf-90b2-2b8252761cff", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:95074bf0-c3d5-5d77-bf38-f3a20592260d", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:14053a42-739a-5ab9-a4fd-dfff084299c4", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:411374d9-e8de-51cc-a4de-804cab0cbd3f", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6f332cc5-fab7-5517-80d1-f474de120319", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-osgi 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:26d8ad15-bf53-5e3a-9ad5-71835c19cc52", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d9e03461-6374-51ee-ac60-0cb785a12ef2", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ba99fd76-a6bd-5069-af2b-86dd36d5fa73", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6d1df931-ab85-5cda-8d7d-07411541c91d", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f7d94f5e-68d5-5672-b658-d12b5939a6ee", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:06ff307a-dc71-5f6d-b758-6c66bd2b6cd1", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:057af35c-4b6d-535d-8b39-c2f24fef6211", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:676468c5-4ea6-5eb0-b2d0-8839d4971303", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:10eb166b-dc09-5501-9eae-1be3c16fca96", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-osgi 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f10eeb75-98be-5d16-a294-dff0de8f6b36", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:53d0c642-8bb7-5278-aa29-d9c48dd28b45", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eb0d306c-ffe5-5cd0-b498-b65edc110fba", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8200b9a0-8b9e-5cf7-b7e8-883039b9c9b6", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.xkms:cxf-services-xkms-osgi 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6fc2d561-71c6-547a-8c63-3c1c9f0e3753", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8bda90bd-d066-5cab-9619-5691e69019c5", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8d8bf924-efa2-53fe-b31b-5d1720f1cf56", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e196d549-458d-5afe-9dd8-6eae1b5e1dfe", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf.services.xkms:cxf-services-xkms-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.xkms/cxf-services-xkms-osgi@3.5.9-tuxcare.5" } ] }