{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d639b350-7aa9-5d4a-ab32-b30c83434f6c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-distribution-manifest", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:4ceaba1d-0d62-5d09-93bd-e2bfce3a4ac2", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:2f5a8aa8-f8a5-5602-b5c2-dda4ae7c4682", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f2e83cc2-fe42-5b94-accc-26f5fe98a835", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c2aaa05a-52f3-5dfc-bd72-011e981da96d", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:70c8ea32-df3f-5fcd-bb5c-099d199a2115", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b2ab09bd-cef6-5bdf-abdf-6567907afec8", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:49c19963-84e1-5680-a5a7-57cacf049cd9", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c6acfc8f-e46f-51f3-8626-f437a66a4813", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3486a50c-80e0-5c4c-933c-1b1c1919085c", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8062de0b-3b64-5d22-b7d3-9caa9b39703b", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a2c27977-c993-5d8a-aaa8-eaefd5f986fe", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4f6bd505-5aa8-50af-a381-0a763b6d9f94", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:04c3977c-f2fb-517d-b825-8044ba07ecca", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:03f83333-1b7e-5006-8984-2e1c937d77d0", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c7419b7a-ec2e-5bb9-8aaa-b15d7c2fc4cc", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:deee0f07-7c54-56a9-9e70-dd389d43fe0c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4a3a9db0-ee9a-5d59-b35a-5b3728d5cfae", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-distribution-manifest 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e7603a5f-f92b-52b7-b11c-e06024a901a4", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:137c54f9-7de6-50e4-91c6-52e5dc7e5088", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:32afede3-514a-5c55-9dfc-ed602627ac03", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:df499cb8-80a7-5708-b813-262211e8cc60", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8ddda953-aeb9-5fe0-8d7f-eb65bc9f202a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ba1d6732-55e5-5d2e-b2dd-0018c783b531", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a0e28900-4ac9-5ca6-8ef2-871167630eed", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f5df2bb4-228f-5327-a370-5b150e5f3092", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:5530085d-7fdf-56e5-8619-55b73460f1aa", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-distribution-manifest 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d8b3d1f8-1f54-5889-8a23-1c805dc8ddaf", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4cd5fb85-e3fd-58bb-b990-747c53352236", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:cd5df9ce-514c-508e-875b-a05a3d5b83be", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7b455354-6236-59af-91e4-5ab42cbd29e8", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-distribution-manifest 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6e5ebc68-2e92-5412-84e7-eb7413255760", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:8eb656c5-8010-5d5e-951c-fd6893ac9d63", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f4789a7f-f2f6-5a3d-9856-6c13e9569760", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3fd1ff40-b605-5c19-abe8-daaf3b0b24e6", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-distribution-manifest." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-distribution-manifest@3.5.9-tuxcare.5" } ] }