{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3625aac7-79e9-53e4-8a79-3a8254aeede7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-security", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:394eecf0-0ac2-5135-91a9-5500485dfc67", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:034080b0-a312-50e5-ac89-75a20bcce4e3", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b01203a3-e041-5ac3-a151-acd426ae0651", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c6f6bab0-679c-54e3-8f60-62ba137a223a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:95405920-456f-5890-82eb-1b5dd8cad0b4", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:01582c27-485a-59cc-99b5-9150cdf97f0f", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:70a5d8f3-6bbd-57db-a83b-41a81bc37eba", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:49d5bc4d-abbe-520e-baec-91dea345403d", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:370805e5-93c2-58a0-a346-559d480562c5", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:48d3b11a-563e-5385-83b5-1ffa309f68f2", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6ae6f7eb-198c-5885-85c9-69859feefcf1", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c6b593a2-a60d-5870-ac86-bbca8f548403", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:15f14b89-cee9-5719-8ef8-e2b2a02c4c94", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:743000f5-e834-59c7-99df-0f6f77de7856", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e618923d-3da4-50e2-82d1-dcc585a1ab11", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7ae169b6-7904-57bb-a0d1-f3a6e2aa31e9", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:836aef3b-50c4-5633-b343-07a10007228b", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cfaddf57-7cb9-5371-a427-a1ee3d166bf7", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:aec00050-5b95-5afd-bee1-4a78e7b2ffd0", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c37855cc-bf38-51cd-87ce-38dbcf0e6640", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:863c64d0-4d2c-5026-aef0-c023cab435cd", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6ab2a6bf-c67c-5f44-8b2c-4a72b49d3c0b", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:055b129a-e24a-52fa-8a5b-dcb0556bbc57", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6ee5390f-1d6d-5959-bff5-ee36ef9aae46", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:143e28c8-b1a0-50be-bbdd-44d61617d146", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cd894e1d-1629-53cb-9475-e5a19cc0bde7", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-security 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:11cbb142-ae25-588a-9d20-20d8a561db77", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:88366d2e-176c-5d0e-a220-cfcb6d64345f", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-security 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a588f4fa-d999-5baf-b3d9-3eef89d8f424", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a0456ae3-945b-5fe1-bf9c-ed43a4082d7c", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-security 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:434dc1b6-2af2-5294-b6e6-c8d2c11af72c", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:19bcd455-6ab0-5d79-b277-00299e0fd16f", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-security@3.5.11-tuxcare.7" } ] }