{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:66acf689-af61-5aba-8a9f-9f362f10eb04", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5", "type": "library", "group": "org.apache.cxf", "name": "cxf-tools-javato", "version": "3.5.9-tuxcare.5", "purl": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:510d4347-bb76-5733-9c4b-cdb63d48bbf2", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:519bd02f-7227-5ca2-bc42-567aaefaf591", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a352632b-a37c-51a7-8d42-4b44a5bcbd8b", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:272d7eab-d2af-5bc0-a951-9fc4ba21c3b4", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:0ea6aa45-1b00-5eaa-add9-a32f05a502c5", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c454089b-1c28-558d-b233-ebd318bea154", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bd2b48c7-8e60-5006-a106-3e12d9a796c9", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e3960b85-8f75-5893-8355-b9bf20b7919d", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:07769804-5c54-5215-9725-c7218ff96efe", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:51a16115-06e3-5e58-8eb6-15d936e5c171", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:6b5265c7-d5e0-5b03-8b25-02be7ae4fa0d", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:4b9587a7-3a70-5d69-a859-4672f4f4e627", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:de7ee3ac-da6b-56bd-9354-0303e6c37949", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a71c582f-66a4-5f01-bc26-f7eb38de9b75", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:41806146-ffaf-5d08-a93a-cc58e5871de8", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:401aae8d-e26d-51de-9b2e-ea5a0a3c3eba", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:e6a56775-59b9-5e55-92d0-c048568ac2eb", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-tools-javato 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b6165f34-b015-579c-85c8-9508eaebd723", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:a324470b-b09b-54d5-bad0-aee95190bac9", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:abae3270-ba47-55e8-84ed-beb8d48c81b6", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:be7d8b18-18fc-5c7e-b4c1-051f4c952803", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:3783ef73-cdea-56ce-a0a5-adef03922999", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:7233a976-e261-5eeb-a9f4-6f801e254bbf", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:946cd3d6-48e8-5c7e-8f20-db45bc89fdaf", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:23b7b6b9-4d83-5db5-b6ee-fed53e5f87f3", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c36060b5-6bf5-5906-bcf7-472c4e8d42ce", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-tools-javato 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c42a1f98-0c18-5323-8091-1fd78291814c", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:ad02e716-6875-5aa2-887d-394c60806c68", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c50b7e76-b16c-5317-adf8-b9fb6417e3eb", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:bc7858e0-dda4-5d14-afc6-5d6803f40cf2", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-tools-javato 3.5.9-tuxcare.5." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:d5f09822-4045-52e3-9487-870febd26e25", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:b4f5b8e6-7067-5487-8d43-66b22c0b70b5", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:f0e7f0e4-2acf-5567-a920-c57a5d3aa68b", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }, { "bom-ref": "urn:uuid:c3b53b5f-0fac-59ef-8184-9f3f4d7891b8", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.5 of org.apache.cxf:cxf-tools-javato." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-tools-javato@3.5.9-tuxcare.5" } ] }