{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:8851c559-5a42-5354-9a68-91df2d44b69d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf.karaf", "name": "apache-cxf", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:a1811f87-2f08-5580-94f1-f313b295cf38", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1e781487-d118-554e-a797-5e6bd1c8a341", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:85d5a215-b978-5d9c-a066-d5cb0174cccf", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a22c7d37-c260-58dd-a3b9-660d0eb1e295", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:73d76691-197b-5b12-8f14-0b413940991d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3cfcba82-8a3b-5cf0-94cb-c516f2fb79e3", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:13280d03-c4c2-5d12-8d52-1f5fc57b0395", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:acfd3aa3-8cb4-5ac4-81b9-504709e75585", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2c46baf0-f13b-5cca-b5ab-bc1e9c4ead89", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:15c3b528-8056-5fa4-9615-48bc70ec9023", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c9338935-e1c7-501f-a7a7-86cab6b1f092", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ba84cbdf-f7fb-5fea-813f-19955745c886", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b6455ec0-421b-553d-97fc-a5ead398ceca", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:040b8e78-e92f-5426-b985-75c5928e4e75", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7ee7370f-f147-5d6c-8e65-4a1125a5ab48", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:20d64b12-b471-5221-9bf6-552749343301", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:061b6584-cbad-5589-b1e5-3b0b2aea9b5b", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:df469814-cd97-5ada-9b4f-2dc54c61d538", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6b33e484-5041-52e7-8ada-aa8fdf959c2d", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6f0e068f-c827-58f3-9327-55dce3a9afe5", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5352abb1-1741-5aa8-9733-45a8dace8628", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d1196f7d-f820-520e-a953-2f8f2c68cd4f", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:949d6b20-82cd-55e0-b1f8-acc93d8845d5", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:14f8e6fb-0952-53ae-a936-08ffbf2e4175", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b14437e7-41bf-5d6f-81c6-05a84717694e", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:af783acf-b79c-5a6e-80b2-13d2ba622555", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.karaf:apache-cxf 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:370e0f0c-a0e7-553b-9ee7-6c1c0b45cdaa", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:417808fa-1c08-5b83-adab-c50c57e53de0", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.karaf:apache-cxf 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e127b663-dab8-509f-ac8c-02df4dfad401", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d3776b8c-f665-5eed-b54c-fff6c3cddc25", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.karaf:apache-cxf 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:048c8089-f69a-53a2-b315-2237b8d613e4", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:dafe989c-2229-5d2d-a09d-f3931672818a", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf.karaf:apache-cxf." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.karaf/apache-cxf@3.5.11-tuxcare.7" } ] }