{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:266a7348-fa5e-5b11-bade-f7778ba8367d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-databinding", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4d38deb6-2aa9-581d-94fb-fd65d6de9624", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:16aaf0ac-07e0-5d5c-a5bc-c7bb9d4cb565", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:76260d68-06c8-537e-81bb-ca9ffc22158d", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:62fcd2a4-54e3-5c13-a520-010bfd116bb5", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:440b9a4e-d778-5ec4-9570-e2e60732ed5f", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:493287f3-ff0a-5d2b-b796-65d563ff9b71", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8afa3ab7-4510-52a7-88af-43c23ccf0b9f", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a3da40d4-7989-5283-84ee-1805caaabc37", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ba5a7c31-c2c6-5aa1-83cc-4951ff3a2b09", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:376f2fa4-ec9c-58fa-b41b-772b20e620b7", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9c6e5fd7-30b0-560f-a285-f5721c6f17d1", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bfbde8e3-6ddc-5bb8-a1bd-0d3162300236", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:72d12b9a-57fe-5364-bca9-bebaabd38e70", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4ebc235a-9e8a-5a9c-94b5-d5eae6d96b12", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:357d5b0c-ed20-5b87-a58e-7c6ec36c87cf", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2b00b187-1948-5d28-b6e4-e18eaf042841", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d85ff3e5-c254-5d04-9219-b9558c063654", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-rt-databinding 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:02d99ece-9760-5c32-894f-c4c6baa9ff7c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:1dd3164d-f4bc-5a4d-9816-2375c9655fa5", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df93f8fa-51cc-53ec-b784-a92616fbc5a6", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8e44c1d5-5b31-523f-ae11-94d283c0ea1c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2aeea4d9-54f0-5096-a1d6-71141c719d6a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:616b2c1a-5694-57ad-8fe7-690720e0408e", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cd17290e-ac33-5b40-a755-55cb1e9f6de5", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a2cebb00-4db8-5600-8393-8a9088e5e2c9", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6cf20e8c-d642-5f40-8ff1-01d1f544fc98", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-databinding 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a76e2f9b-28ac-57f5-b476-be4c144ba447", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ce453c8b-5ac0-55b5-af28-aa74d93ac80c", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:99a2fecf-bd84-558c-a56f-8369d081a21a", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:edfbb4c1-f99f-551a-95d7-f64761208472", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-databinding 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:87dd1598-c50b-5820-9793-c93a6f22e94e", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:9cbe5864-88b5-59a5-8267-f0ac6181231e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:774a8fe8-3dd1-5324-b028-825e7f1a3def", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df5d8344-5b47-5f4f-aa96-909eafc52772", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-rt-databinding." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-databinding@3.5.9-tuxcare.5" } ] }