{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2c18567c-8bb4-5a5e-873a-93e7e66c3315", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-bom", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:41abe04b-ea9b-5de0-aec5-06a07b0f4220", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:971e5974-06f0-58f9-8536-8c2d0f7c7ec7", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aaad6f9e-28fa-53d5-94c2-03fc92b24cd6", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:534b94fc-0774-5272-814f-db4f9108b726", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a24656db-9447-5897-bbcc-fe1b6adecb83", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:640a7329-f7ab-5011-a9ff-d47207c4dc72", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:44aeee7d-9c49-5955-b10a-4bebaef4cb06", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:881cff20-a0ee-5321-a5be-f3e78d8814ed", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df5d9dd5-04f3-52dd-90b1-152d5cbe147a", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cc8afe2d-668c-5d36-93d6-d193582c461e", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e727fb3d-814d-5bbc-8843-b6c13d441ede", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:90f089af-eb04-532d-8637-54284aa754a7", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:91179005-076a-51e0-9f1d-5bf9501eb16f", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:969f8835-010a-5695-9519-05b2c2e1d9c6", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c835e4f6-0a63-5ff2-aad6-267afcb69205", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f15c409c-ba90-5a94-802c-454f6304f1a5", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:73450c39-4929-5f89-a06b-d66148b6bc2f", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-bom 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eb3a2ec6-3666-5d71-af55-6ddf4ff65c76", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d67b8b7f-90b6-5b06-98ed-41024bc1ec06", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8691752a-f30e-502e-a411-8da10bb17255", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3230b47f-803f-506f-a924-71c154b6ba6b", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e24ea142-1205-526e-b55c-5057b4115189", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:92fc3409-4c7c-568f-afc9-67f29f9a8e29", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c8833bd6-48f7-5137-9c17-7420088fd4c7", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d9522dc5-3b66-5456-945c-f2a7174aaeb7", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2f5a6b51-fdb7-5d96-851d-bc40ae63e5f7", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-bom 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3cd68186-930c-5dbe-979e-d450e362eba2", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3e47a4dc-18f2-5dc7-a470-cc62847ca075", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:893c673b-63d4-5781-9080-d7eabb7d7c68", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5c3e1819-66e4-525e-8540-3be653cecff6", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-bom 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b275258c-bbb9-5d43-b4f3-4a2f011b3d9b", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:72ff609f-5eff-5e28-b7ab-5856b989a83b", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c6a542eb-0611-5258-a808-19bf145c1593", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4cde8c18-7f9d-570a-97a6-064588e0161a", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.9-tuxcare.5" } ] }