{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:9c24656a-01a7-5356-a0f5-b2b15e44037b", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-distribution-manifest", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:44f08218-d3a0-5c94-9521-bcaf605738fa", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:96aaa773-4483-567a-84a3-2db7d1ce437e", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e689fe99-3451-5ff9-8f0e-c138e2d66e00", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0740b06a-0d4d-5b37-89a8-d768f4e7b542", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7ef7e279-01a7-5615-9978-b393a5f57e61", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9871508e-d74b-5042-bb48-c6c6cb18a269", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9474b9b2-2b7f-5e82-a80a-cf5cad6972ce", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:baad44b5-011a-5fba-8c79-6b895f962874", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:67746a05-d051-5f46-95f6-f270d8e66b05", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b001b50f-c08e-5363-bbc3-7691c8d36462", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f38a6145-bb24-5c0d-aafc-7371fc158c72", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3971715b-e224-59ed-b5e9-f5b6caf48f2a", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6e0533f7-3f21-569d-bcd3-e620402b275f", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d5a14bd5-578c-5fbe-add0-dd53c0c597bb", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e52aac08-7192-546c-a27d-f7ff7bffc596", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:aad230cd-a9a0-5dc0-866d-637eb15c84d3", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:56779b9d-5590-5310-bd10-42892b6c8a97", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:54c8f4d0-58de-5fdf-82f9-5f0368b77303", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cb49657d-5c43-50e8-8311-d06ead3f13f6", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:26cd5f3b-2ea5-5284-808c-19430b1cf10f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f09a2564-3c6b-5244-ac77-7ed05aeb118b", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b5232a80-0f5f-58c0-83e3-9f8784871331", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:769cf89d-18ab-5be6-96b7-5aea86fbc186", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fd626e77-510d-519a-abcf-0bd8aa598c62", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:66a1eb96-1163-5218-bf4a-657e234e8ea4", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:00868076-dbfe-5cc0-b2b8-de66a4aa7d71", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-distribution-manifest 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f1101ed9-561a-5ef0-8836-4fc07da52168", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9ebba607-f865-56e6-bb9f-8e366881061c", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-distribution-manifest 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1dee6f9c-73e1-5abc-bb06-59aa83925c13", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6c1d2f6f-28e0-57c2-9de4-613bc5b25766", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-distribution-manifest 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9157ec9a-c6d6-55b0-a0cb-103dae3e6c13", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d9236b94-fa24-55ff-a986-bc75eea4f572", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.11-tuxcare.7" } ] }