{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:da053d27-e8d7-5d54-bae5-d121ca166b29", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-distribution-javadoc", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e2805a60-0a73-5eea-9ab0-2ebfac087156", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:580fc865-3a4b-5d16-9343-ea0c3930247c", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dcc9b1c5-e0ba-5170-948d-29b0d53af69f", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6c891dfa-9e37-5536-892b-fbe94b5fbaa4", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:87fc9a74-cb13-5f93-8ece-fbd2359adec8", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3110ad81-79e7-55a2-b5a2-6fb3c99cc493", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:79ffbc3d-19e9-5ea1-b68a-80c9216a7a4e", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b4af80bc-cee9-56eb-99ee-27d8b1efaa91", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dc3619df-7f2f-5949-8075-774672e3e129", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:84824dfd-4911-5231-8099-7e2966be6185", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:18c2604a-6231-5356-a7ae-20688e1401a8", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:74ea266c-6a83-5531-8388-78408920a7eb", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e6777abb-a350-512d-9264-38003c76bd18", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:22e9f97f-f6ba-5d24-8195-d2fcfabde535", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5ec38ffe-8e1a-5aed-be60-9bdef19cbdb5", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2c4791c1-2e0f-5d5b-93b5-6606642af709", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0e12bb52-3405-5c4b-8c77-e49ab17308f4", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-distribution-javadoc 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bd944a2c-f00d-587e-8edb-6ddd8d962f9e", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a70ffb98-236d-5021-a021-6b1c3556954f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f497562f-6455-515e-8b30-16e12a8edf05", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:79b1dc3c-b657-5ceb-b8b5-84a078048480", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9029375b-f537-5858-ae21-49fafac73304", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ffbd7e84-5a5c-53af-b1ec-52a34cd9f903", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:814a13b6-4f17-5dfc-8b37-2c4fd244a457", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c39f49cf-78ed-538f-b3b4-839288e33562", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:dab9c738-018e-55d8-b251-664387c9e8b0", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-distribution-javadoc 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:50cc1e84-a1f3-5627-9038-920915c14f8e", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:275cfddd-34f4-5388-947b-3f3c27e6cb5f", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:fec7f3a9-72e3-57e0-b976-119413877627", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7cf65e39-18ee-5b8d-a409-0e85a8443f01", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-distribution-javadoc 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0652d898-e305-5920-ba2c-007df9e3f649", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:62156ce4-a96b-58e6-bed9-bc10c454757f", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:984c3559-4b3d-5429-8ad3-7987c0818e40", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aeedad09-15b3-541b-afcc-adf597c1f3f8", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-javadoc." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-javadoc@3.5.9-tuxcare.5" } ] }