{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:dc9702cb-11d4-5957-976f-4b6a8baf730e", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-integration-jca", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:63f0cbc7-0345-557b-b7f0-dd369c5b40ba", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f48f7c42-9742-59d0-b3ea-1bfea51aaa40", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f5c064db-eb35-5007-b02c-b84e1df975c4", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bdf4046e-2777-508d-b66e-079ed783f363", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:387be301-9097-5d46-b22b-b95047ad2fcc", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:465cb288-bff0-5e49-8fc9-89e0ea697094", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bd87a504-b923-5c7d-9ced-d806f2ee408c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3a6a4170-5c07-59ed-9d80-8e10efc93d02", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:96f5af86-79d8-5640-81af-bb84b0b115ad", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c4ac789e-2412-5bc7-a0f8-12d0d5f34e91", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0f0fdd86-ab10-5d39-a55b-d2a56b928d16", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e774d9b5-6b80-54b7-a0b7-fc769e1394ab", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:aed8efcd-534c-544a-b377-149c369caa1d", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c3301d7e-9208-549d-8b3d-98c783c1b5f0", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eee96036-5b0c-5a66-92bb-fbf17663cb93", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:70aca9c9-4294-5154-a929-abfa31d93103", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:376f82a1-24e7-580b-a677-4795642bb582", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-integration-jca 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f3107df8-4d9e-59a2-832b-f75b37e795e9", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7603b708-b042-5f97-b49a-c16c827b0db5", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:440d7910-71a5-5d33-a61e-5bdbae930366", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:64ba2794-817f-5427-95c7-928d9340de43", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2b2db25e-6a1f-554a-877a-387843d13d26", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:086e8747-50e1-5b19-a077-1ebd99a8ceca", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b29a3b9a-4560-55ae-b8a9-d0446758d4b0", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c781db8a-c82a-523d-bc85-0eef2eec3b18", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d8628bd6-2e32-506a-8a64-446f6ecb07bb", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-integration-jca 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7f8f0195-838a-50a2-b1e4-1cf9c39eee62", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e9f97ce0-c5a5-5912-a0e5-aec81aa2d676", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4422dd99-84d1-5bd0-8b9e-ddc4119741f3", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d03afd1-5688-50fd-86b3-c4eacedc3316", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-integration-jca 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:44fc14bc-3f15-5ceb-9969-2df2e4ca0151", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5d248dde-713e-5aaa-bdec-7de4227fd5af", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c422c74d-4703-5635-b1d5-712dd2b48bb9", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6aa1b7a8-5abb-565b-9dee-5eedf6f6e519", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-integration-jca." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-integration-jca@3.5.9-tuxcare.5" } ] }