{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:597bfed6-688b-544d-a558-88d6c1f307bc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-bom", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:7fe6d4dc-837f-56a9-ac58-c4dc1e03fe24", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1298fa34-9991-5327-8384-a51ff372533f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4dcea3e9-8531-59bd-824e-cb0a2676fbb5", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1b9b54be-1967-5917-bfa2-a823fde84f30", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6828b480-2a39-5460-88f7-346b1279dd1a", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a3ac48a2-c50c-52d4-affe-905e939c9f3c", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:593e478a-36ba-540b-b48c-4f935915431a", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:736607af-7168-5e0f-9212-a82d04a05d49", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5964d449-0c19-5588-9579-9a98810d9d2b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:70e3131b-eff0-5760-b62d-8536401449e9", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2333a390-6f90-5668-801f-43f2bd03c4e8", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ad68452f-f702-553f-9573-b4905f4d8fe1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:300526c3-6f92-5729-ad96-fb6b51fc0b20", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:bf6dc683-855a-58c8-9124-04cf71da5813", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:db218a4c-e3c9-5135-b1e2-eebb68cd82cf", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ada2e597-b3e1-5b5e-8fc6-3c5d8ae2f903", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d6ee8b5a-5667-500c-bcfe-ebf999f72b66", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:536d5922-9ec3-5328-ad65-fe492629bc35", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:993b5f11-adb8-5871-a1ad-ce43e345af5e", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d1644f2d-e1cf-53f8-afb5-e506c6d55c08", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e4382de8-e978-5cfa-8da5-773b9622f888", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:18fb5534-e40a-5104-9984-56db0de47ce6", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e6e31727-e330-5af6-82ca-11198bffa845", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9b668ee5-4f4e-5223-bf1c-9ee0f4f0198f", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9eea4c85-624e-5458-8f2f-3f9bbdc1fe62", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a0d57e78-461a-5b40-b24b-9a5a0d57d946", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-bom 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a3e9d90c-fa7c-5812-b6d0-6dce6ad5d098", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:76bb4623-486f-50c0-a3e5-cb9908eff931", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-bom 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:57e1b2cd-1a79-5426-aa50-91e17af4154c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d8e137df-7d5a-5042-884f-85bffe9e4351", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-bom 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5a80d630-dac2-509a-be8a-b2d82f8b4806", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9bd0bdc3-2a6e-5e89-9733-c28243a57ff5", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-bom." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-bom@3.5.11-tuxcare.7" } ] }