{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:267e15e2-1865-5b2a-b44f-45991fb1da4b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:da5f0000-6f92-5e69-aa1f-f9025430b8fb", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bbb623ad-95d1-5152-b292-9dbd65b3e933", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fc675e34-ade6-5cb3-9fa4-ef66abb6173b", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4686f041-991f-5916-933f-0a56e727775b", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6cbd0c9b-5c98-56af-83a2-ddb01c84cbe3", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8c448ba2-bb99-536a-ad28-52d6a90a3259", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fb656b67-7f16-5cff-893f-195360d00954", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6076e6d5-5135-5e26-b8c8-b9724e1d05ce", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:01bc0c2e-606f-5e04-be77-a2e0e0bc119f", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7242de6c-306c-5ca0-b7c2-138d706607eb", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:72867faf-ebfe-5aae-885b-f0e4b95625b0", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0b199dd7-3b77-56b9-911e-8f65ff966c6c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:caa0ace8-863f-550c-bd89-77929185e847", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a2e569fb-afea-540c-bad8-43f7e4b0bece", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2792ddfc-0455-5b8d-bff0-dbaf249c7ceb", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e5476626-bbad-577a-b19d-d3a230c575c7", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:55f96c21-0486-5c81-9503-47919f209eae", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b204a0d8-ce66-51ca-bb76-72b575f7032a", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:907749f9-b942-5402-87d3-453f4483972a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3252697a-646a-50ba-84db-8ac172fd143d", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:23b0a8f7-789f-5101-847c-ac234f32b5ca", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3d2010d1-5f39-5ad7-a022-be12b4d59a39", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4fe6bf66-0881-5c8b-9f87-1390d8744112", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:45680f47-13a7-5274-bf2a-bdfbd2731de1", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1fa40469-ce58-5b0d-b49d-91c107e275a5", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:44dc9b6b-f203-5274-b287-3e807416e1e1", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:70ea7727-ffaf-5054-85ef-c8162a0aab9e", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b1e0f9c2-6832-55a8-8580-b18b04a7e10d", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0f5bf9b2-c375-5f49-a542-afcc567687fc", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:26990fca-0ef5-5593-b169-8d47c10545af", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ffb34a13-c3a0-56cf-84ce-5a28ad90fb59", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4ab29956-8834-501e-8042-9ede1ce1c0db", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt@3.5.11-tuxcare.7" } ] }