{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:825649a2-b3a3-58ec-9417-b5ed24e342e7", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7", "type": "library", "group": "org.apache.cxf", "name": "cxf-rt-javascript", "version": "3.5.11-tuxcare.7", "purl": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dcd296d0-4907-5a88-9513-9b3f67c1f752", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:746cf4b8-1b8c-5780-9c54-7e23479e3c5f", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d91f5e0e-4cce-5674-a490-cbbde2f5ee04", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:2cddbc15-139b-5c12-b30d-526b3a9bf843", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:7efe188b-c7c6-5a80-b6ca-3f281654f5a2", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:39c0dbb9-83bd-5d78-8f06-6a818f2969c6", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:8f866a13-f9b6-511d-bac4-5718beabf81d", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4fd6cb90-c0d3-512a-a696-f7e3efc88daa", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:619cd223-6715-5b09-926d-2205d4a4283b", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f85caee9-8eec-5efe-995a-a8ed5710809f", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4922bffd-0649-5a39-a9db-b380a33703e8", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:4a690f22-2b70-5ace-a5a1-88aa35e2114b", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:09c02ffa-febb-5d5a-9ccc-b33bdd094318", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f443ef44-f3c1-5045-a6a4-fc9c1e3fc06d", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d0b396a4-b97e-5221-ad4f-aa350239fb23", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e5aba824-814a-5fba-a747-aec2d96f5a32", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:65203008-8dae-54ac-9668-9f36d427ed40", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:34b85306-b7eb-59f1-8ac2-cc8e1d2ec77b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:21ed3237-6449-5dcf-8207-321a3f12025e", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:d24821e1-b4d2-53af-bf80-513df7c10674", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:1d6d3063-bccb-593a-a7b2-648403b40cf8", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:48f0f442-c629-50b0-b49a-71fb46a6da66", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:f6dc8736-a961-5860-a58f-fbeea948ede4", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:c878389b-166b-526f-aea6-9ffb5801f35e", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:6fb8350e-2225-5417-b42f-26edbcd62afc", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:a47e4902-298a-58e7-92f2-c64bce109452", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-rt-javascript 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b692577a-02bc-5b6e-9529-7d93883074c9", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e9096d65-d962-5342-a99c-c0e04c6849f4", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf:cxf-rt-javascript 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:b5eae003-7f3c-5b01-a883-d57f6ad8ca56", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:e13fda19-699e-5aa2-afc7-7c279fb75bbf", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-rt-javascript 3.5.11-tuxcare.7." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:9b6dbdc4-c430-5843-8bff-cacec27bade0", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }, { "bom-ref": "urn:uuid:77da5db3-0c1e-5e51-bc7e-0fa0ea08735d", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.7 of org.apache.cxf:cxf-rt-javascript." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-rt-javascript@3.5.11-tuxcare.7" } ] }