{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b01e8b08-5124-51d6-8871-0d5fe7631562", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-corbatools-maven-plugin", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f50c4952-4be7-5525-b91c-f5d9b557365c", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0ed5d240-4425-5d1a-824a-9ddd6e698a04", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d409244f-4b7d-54d8-b620-54545cc2e6f6", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:43db4908-bdba-5c66-97a3-578d595595cf", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7bf8b3ae-5e13-5506-a4c3-af391a4b5deb", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:06f90f00-3c7d-5725-b9b8-d4cdcb824639", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4706828a-393c-5035-8b1e-bd89df416186", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:daadfeec-6619-5577-964e-bc357c0bc237", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:47fdaf6d-147c-5160-b73b-598c14969059", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c1ca6a01-a6fe-5076-b215-45aaa7d53670", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4dc4ba4f-259b-554f-8a12-6e1c62893ffc", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:80c2875c-6550-5d73-829d-9b735807bbfe", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cbb47868-596d-50ab-b647-5ddb90e5bb20", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f6916cc6-23a1-540b-a59e-367d8d588560", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5205adef-8007-5d9b-b408-59fe4fc2d213", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:25b232c9-018f-5d9b-ba43-958c2525a38d", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:14cdb5f0-c484-5757-9054-387f78df90f2", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-corbatools-maven-plugin 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:eafab8d9-36f4-5ad9-8e77-4c26e689ae0d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4d6bbb74-ec3c-51d7-9875-59483a44ca76", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a30119da-146b-5aa2-8135-7966a1379c28", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:21b17df2-b1c4-548e-ad4c-5070833d24ea", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:192e742c-964a-5ddc-96ab-ede11abfaf56", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:169bcd8c-a0d8-56c6-85d1-02819063ec58", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:90ddad24-25bf-5983-a241-868ff1a5edb1", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2e08623b-23c2-56d1-bf47-09f95c83a89c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:294ba9f1-38b2-591f-a64e-a9bb8ab86e66", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-corbatools-maven-plugin 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2a4a23d8-068d-56b8-9e23-5f8750af05fd", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ef42dbc7-a815-5e93-b77a-a9024ad9a066", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:25dcc06a-bd5c-5ff5-bc87-1734ccd03d7a", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8109a98b-0872-5852-8ab2-824b49995f27", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-corbatools-maven-plugin 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a1cbef49-2de8-533c-b1d5-b946457777b5", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b7cb524d-4c00-5805-b93c-7cd0a34fdc39", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4e25c5ff-116f-5cb7-8657-b6bca6c7c696", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:26ae51f2-9d86-5be3-8f4d-6cfaf9da3f4a", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-corbatools-maven-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-corbatools-maven-plugin@3.5.9-tuxcare.5" } ] }