{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b8e77c28-03db-589c-b3aa-0cf8b3fcc051", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-core", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:22180c43-3889-5ffc-aedc-805ad82be697", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fc1ab61b-4562-52ab-9b31-8c0325b206bd", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:74f74ed5-e860-5df9-aa52-655c37efdda2", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:87b7b3c8-8de8-5c80-9414-2cd796f8603a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:5399a719-65f0-5e4e-9cf3-229ad77dac9d", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d1a7197b-356c-50b4-af30-a48a374d39ef", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:825a8f6e-01d7-5618-9289-48e5b20f99af", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:cc671fe6-b235-5c75-b78f-ca797020e57b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fa74d46b-68bc-5a34-b797-bb3f37acc616", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:28e077c6-45a1-5aba-a38c-a40bd76586e1", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9ca42ea3-285b-578e-a7cd-2b03b6f0b0e2", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7ed208b3-d9a7-5ebe-b8c4-d0544e1996fe", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:809a307c-c87e-58d8-b7d9-44f2ec13d633", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:0aec9ba0-077d-5bdb-9e3a-b8b86074aa07", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:76e74554-d577-5ce2-ae9c-ae61fe2f86c2", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6ba63270-f43e-5050-937f-bb94d50cea41", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:28a1c820-87c3-56af-88c3-78d12c5dccc1", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:815f7411-2e73-55bb-beb0-f7637b49337e", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:aef04c3f-4042-567f-b8fa-85f8b302fa7a", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3f4d1230-76bd-56dd-84de-9bcbdc3a1bb4", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:26d24d2a-75c5-523a-a889-6f74f209a26f", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:3c335433-48ee-511d-b064-dd36db95197f", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4f257657-15c6-5e8c-912d-210f4a7c297c", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c47e5bbe-cdbf-51a6-afae-bbbe85789ac5", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a154a46b-524d-5e86-8200-ff49ba85f42b", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a50dc47d-2364-531d-9a0d-aeb9ff286f0a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-core 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:118bf144-c733-5766-9f9e-e752e095c677", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f02bb008-d4f1-57fd-9816-bff5f20d16b8", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-core 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:ceeb7f31-bba1-569c-98eb-d7dcf8f6edaa", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:da0bee1c-488d-54ed-a60e-16a952449045", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-core 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:87f32810-5c3f-5057-a55d-419ed576c01f", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:fd9ad593-04fd-5b00-ad3f-a59491fec8a6", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-core@3.5.11-tuxcare.7" } ] }