{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:95014c09-7eb7-559c-bd36-9312e3bbbeba", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf.services.ws-discovery", "name": "cxf-services-ws-discovery-api", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:c0edf96b-58a2-5aff-96f7-4e53c21db0d5", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7d6eb8d5-5e3f-5049-8bed-8fa34505f0fe", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:865d4eef-e5c9-512b-9bfb-0138c5986fc7", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f68259c8-0573-58ba-bd54-fce24f8e2392", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:69a6db7c-75eb-502f-9802-f30fa67e605e", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ddb8cb35-ec53-530e-ad09-f4f84efc49e9", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:211e55c2-88d1-58bd-b448-b19d0416c1b1", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:494b19c3-bbe8-5fd1-ab62-e67fac40aabc", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f28854fa-99df-532d-b195-086923ff0f46", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:69db6207-a484-50ac-8090-d2065481cee9", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f008c639-a71c-54b9-b9a6-a5ca2687b1d4", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7946e2c9-cf38-582a-9282-a179dbc2792c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d6a834da-72d3-5b83-bcef-ec63d1df0848", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:40a4f3ff-98b0-5b30-b47c-827e29b451d3", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:57857a06-598d-541f-a6b8-ef69bb359f9c", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8d5f3d70-5002-589b-93a7-8f3ccb9d068c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:603c3b45-7b9c-5197-a25d-a46f339e578e", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:44c58714-a456-51ca-baf9-104f53f5b6e4", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:66c17ead-ca15-55fa-838a-916fb6c29929", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:82edc7b9-8122-5818-889f-b7ecd83037f2", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:645df1ee-64cc-5420-8c45-e8aa75926695", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f28e4172-161d-55ad-8c80-6cea3c1fbe4a", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e2944dc3-b0bc-569c-bf85-eadeb0c7039a", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dbabc739-68dd-5974-97a5-79f44c9a0426", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f708507b-c50a-53cd-980b-4ff1eb5fff66", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b1f16d2f-c022-5885-b57e-ef107cfff811", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d2c0a88c-a33d-5925-98ce-ee945dcd1e93", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:376bc7d4-9bc5-5e8d-b5a4-b9d2580fdaad", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f9e41605-edc4-54ae-8edc-b611051c85da", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b4ccff04-f8d2-5de1-b5d1-622be6aca2de", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a4de1aa4-22b9-5c39-b9a4-6138c1c0ff83", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b8dfeeb3-9f24-5d43-a2f7-f7f9256abffc", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.11-tuxcare.3" } ] }