{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:94a3c351-4c8a-53f7-82a7-5a99376313d9", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf.services.ws-discovery", "name": "cxf-services-ws-discovery-service", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:b9e30408-2cb3-524e-bd7b-9471217fe6e8", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:80dcde80-df8f-5659-884e-4b400d58e4d4", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ebc2acc2-3d14-5682-b63d-821fb9c4a93d", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4f78a363-1c92-5d2f-9eb2-49de562489a9", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d9b92f61-0b81-5527-917f-556079873440", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:424e2598-367e-5358-9609-ba7eca1d121b", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c0a5faa-b08d-56a8-b378-62c41726ab1c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:98665fb6-bac9-5c06-b0d8-8dc8ff144f11", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e7f0d620-63c5-5bb3-834f-9b547c3e702c", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:58718a3b-3332-57e9-a10e-653d6afe5685", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c1b868c-11a9-5e5a-bcc4-b82c6b7544f6", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91ae9b48-d1ef-5c6c-a88b-a4b50ed2367e", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9174ab4f-7db2-511a-b7b4-56916804005f", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:30816639-0cad-5922-9e99-b1ad7bb9a798", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:77a945e5-4037-576e-86b5-b690ade26f56", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0e0d61c6-0a14-5c2d-be30-2338d84bffc1", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0adb128c-ff24-5537-b468-ec3cee44c6bf", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:82a79d90-1599-587d-b7e1-e3909058667d", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b827df99-0109-5a55-9d78-63d962345335", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6a8fef47-c8fc-5d18-8028-6aebd0bc0d2e", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:420290e8-4d4a-5aa3-bd5d-6f95f0f51e0c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3f7160b8-eef0-545a-97ac-07ab0df1011c", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:435db529-33aa-5ef9-ac6b-fe198dbf4828", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7736b262-b484-5108-9921-66d020e9096d", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:206817f1-22c9-5b9c-afb9-8144bbbd0892", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9ed966d5-bd91-5de3-8f69-8681a6fc21db", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e7669b3a-b142-56df-b339-4369f03e9a20", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:67929771-e927-5b07-9f70-455980111926", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5ef2db16-bf48-58ab-8d33-f95415a343db", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:16729e8c-b32e-5080-9cf7-1b97c9198e83", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:92906454-5787-5853-bca3-0effeb8b84fc", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:774bb2dd-5b5c-5be4-873e-9bb127082189", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c982ba80-0d59-506c-8918-0e17cd0dba0e", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:91a7d4f2-1304-5fd3-a319-e402159bac27", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.ws-discovery:cxf-services-ws-discovery-service." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.ws-discovery/cxf-services-ws-discovery-service@3.5.9-tuxcare.4" } ] }