{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:2f1e98cd-dae7-5bce-a239-e53d6a2cd969", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3", "type": "library", "group": "org.apache.cxf.services.ws-discovery", "name": "cxf-services-ws-discovery-service", "version": "3.5.11-tuxcare.3", "purl": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:e04637aa-8e36-5beb-a7ec-0e3ccf018b33", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fc28289f-bcf0-5be6-ab9e-87fa2b16ab40", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6186251d-7da3-56ad-b06f-f7d4e148c06c", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:fc9aa589-23d1-5b7d-b08e-e101fccd1c3a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8584ce06-9e0b-5aae-aa93-015d9bddaa0e", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:83f3d53f-0cd4-57c8-8dc7-2341f7ceb386", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:50ec1e9c-7b83-514b-a523-d59705eaa386", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a3ab717c-0b20-5cfc-ac06-fa16ea25abef", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c8b4a319-f3e0-5adb-8fc3-4d615ab4c378", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f906ea0f-b77c-522a-bf06-1e5c28bbfde3", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4297ef47-a037-5e67-ad2b-ec84731262f8", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3d274706-c157-54d5-ab20-e6f64277e391", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:922409f0-89c0-5bbf-b38f-1d763f8fea67", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:90e5bfc8-759c-5da8-ac2a-fa4527d58276", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:76c5cd8e-d1d3-5248-945a-e19e0c6b06c3", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f9c3bc48-81e9-528b-ac21-5673cee8665d", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ed22cf22-bc5e-5df1-a157-00da49223490", "id": "CVE-2014-0119", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0119 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1df7c7e1-06ee-5437-bf4c-139d1e83632b", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8dd7348a-d5f2-549a-9f13-8420767038b8", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5d59bde0-e380-5770-8a39-2fd59978fd4f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:acfb0719-5589-584a-9849-093c2017c67a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1482dd68-2a53-53b8-85eb-2943387e2476", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:430ba9f4-3187-5f6b-aeb0-b5573f44e206", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:cbd17a81-43ff-5551-a866-7864017cbd89", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:3b884b1c-dacd-5cee-9b81-e3815a9d47d4", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:43e799c4-457a-5b25-a2b0-4969f966fc39", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:062da5ff-7045-5a2b-830b-b3e54c2e4090", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f4b056e8-e1a9-5197-bcf5-979a2699c24e", "id": "CVE-2022-22932", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2022-22932 is a false positive for org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d7d4582a-2d95-5b58-8c2f-daa62167a19c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a5f65afa-a941-5b73-ae6b-704fdf4a547d", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service 3.5.11-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2ef179b8-0289-53fa-98e1-09d0f6dc0f0f", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:25efe1fc-34be-5da8-a653-d2134968a079", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.11-tuxcare.3 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.11-tuxcare.3" } ] }