{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:b6e772d3-b5c5-51cd-938d-7ee0e205da24", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.services.ws-discovery", "name": "cxf-services-ws-discovery-api", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:edd01a0b-4fca-523f-b8eb-f36cc0fd2f80", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:444ce52f-9464-5ae4-b21e-be0b561f7d33", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6d8375f-4098-5fd3-be32-f9e12732d96c", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8e0724cc-3698-5a36-9f8d-9eb53c4b8088", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3c4789cf-6104-564b-94ab-9fd6333cca26", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b09cd03e-ccb2-53c9-8860-9f3c94f17a38", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:23793699-fb06-5282-9093-1c15e4ec1164", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:26d3e252-33d8-519b-a896-c01eb6fb35a5", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:265b05a6-64c3-5c9e-a50e-16e4638b9990", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a22e2cf8-eca8-5352-96cf-c625b99d5972", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:215b759c-58da-5f6d-9e5a-955455349b6e", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:72a23a20-804b-5d26-a4be-c9bbef158fc1", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fdb07e84-8983-5683-86dd-4d7da8784936", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:864ddb62-4e4c-5fdc-8baf-eef7fe90930a", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0875e5ee-9560-5bd6-93d8-ab3984d29330", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c643cde2-6a54-5a53-aa5c-3321eb9b32fa", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ac7e1978-9b02-5830-a9a9-c5a53548eefa", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8c77a2bb-1cc5-502d-9a81-f39d0e53ade1", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b7e1916c-5d58-5816-b73d-e6b168dcc85f", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:06d9007b-175c-50ac-8d69-f1577f1087dc", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:df9f4701-f528-5ecb-86e3-0c41a30d5058", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f852d505-654b-5935-9770-85326bac53ba", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21fb63f1-cbed-5a79-9278-133115c9c4eb", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:35c1ca19-bb58-5a2f-a103-377615f3926a", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83cff1c0-4eec-53db-8394-1e73f88a8dc6", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90f49b57-bc06-59f1-91b4-7b35ebf8e911", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d1cd4d59-27d5-588f-90b5-6c9cb054c86d", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c277b00a-a86f-55d8-8ebd-73f5fa544f76", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:79df9226-7b34-5ca2-8063-ce6cb53c7bce", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f8e1debc-3318-55e9-b00b-4479d349dfb2", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3f83d547-1e54-5454-b24c-6e89220f251e", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8b20713e-4b77-5cbb-aa36-b880414bd357", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:495c90eb-e16e-58e4-92f5-5f8ae1c314ee", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:620177dd-787a-5b67-93c8-db80de9a80eb", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-api@3.5.9-tuxcare.2" } ] }