{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e65efcff-06fb-53b1-8583-45ea98fd8d3c", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3", "type": "library", "group": "org.apache.cxf.services.wsn", "name": "cxf-services-wsn-api", "version": "3.5.9-tuxcare.3", "purl": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f8a50fc4-f0fa-56f2-a83b-f3de5250c59f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d747bdcf-473f-5845-8e09-2936cd7e31ce", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:04c388a5-3127-5906-b758-aae884c7f7ab", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:01fc93ce-6064-528a-9bd1-598f4bcd7f1a", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b0e3ef22-8bd1-5a3f-8af0-d43d4d8bec6c", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7e646469-8d1d-5421-befa-d407e8b01622", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:50600472-d4ff-5e9c-a662-82350615d732", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4ddb6f88-2147-5ee7-b1bd-454b4b143e36", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:82da0fb6-fcd5-583f-92bf-8baa9ab7b254", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:92603921-85cd-560c-ba3d-14919f4b87b7", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:81ea7a9b-9b99-5aa4-96fb-e8e7a46b7872", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e6e7e20f-c0c1-5537-bd73-e5f331d43184", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:d71705de-ac40-56be-9a34-f6b0d01c1f47", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:de062354-c1d7-57a2-b58e-8b6e8257bfac", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:860c06f6-c148-5187-b70a-868223049cf1", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:b867d940-82f3-5f0c-9c1d-a800ffa2df4c", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6239d6a3-6645-5baf-be2f-b64797794b10", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-api 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a3a26eff-bea6-5b92-9c18-74796bec90e8", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:348b3795-bb25-5572-9a51-da33e74c442d", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:0c874e39-325a-5a32-b8e4-0f02ee91bcc5", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:f316e4e4-17e4-5e3a-b792-075e144f4846", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d8d922e-f09c-52cc-90a2-faf49f4ca4ff", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e72de26b-2e7f-5fc2-b31a-4e6dc43a7574", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:40c1b14b-b609-5737-961f-fff3b991cf01", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:530cff99-9780-5549-9c59-cf8045c75ab2", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:816f23db-505f-51fd-913a-4426e5fb21ae", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-api 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c01a7374-2727-5685-a798-b36534635a27", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:1da2f2ec-9e8a-5b66-a713-5da58a7e25bd", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:6cb784c0-231d-53ca-9f1a-5bfb73fa47b8", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dd842182-d1ad-5b4d-b12e-3593e805f903", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-api 3.5.9-tuxcare.3." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:c54ca258-e3b0-5e6e-9340-f6caa0ce78f4", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aff9d9f9-00a9-5499-81f3-70dae8e823c4", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:33c9d1f5-0355-5336-8e72-35b8cbe181c4", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a6426bae-f481-5b3a-b62f-14b8e232bbdb", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.3 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.3" } ] }