{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d3897d53-d539-5452-9cb4-63d867d52eb0", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf.services.wsn", "name": "cxf-services-wsn-api", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:1808acec-5606-5c6b-a071-7076e049e4e7", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f5f7d878-9f48-582f-b8f0-8461660ecf0a", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1df7c893-9b08-58e7-a6ce-1c7dce420960", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4452924a-ca64-5328-8fda-7e93ed20c978", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e44818e-a431-53ab-81e2-3fd94ae0c1df", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:43ff58f0-3074-525d-b92b-495f36903c6a", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:11e66f7d-15c6-52ab-baf1-2063d1beea38", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8c2a1e94-548d-5e34-89b3-1b1f56e9fb7b", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:31c66d04-94c9-550a-9d1c-94e9829db103", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:062598cc-bfa4-5ed2-a0e3-865b79262e83", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:faef91a4-8c3a-563a-92ef-530f15f7fe27", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:06cf2511-65e8-5d9c-a231-e9562556c8d8", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f936e2aa-7a6e-538a-80b3-cd9dda3e2ec1", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e6027967-9d2d-5dad-88a8-2632f0662a71", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:09790de0-6c81-588b-b908-12e6089bd400", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a0b4110c-0c72-5290-977c-aee386d5814a", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:26a11db7-f2c5-5777-859a-873f63ebeb61", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-api 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4fd13c04-065f-5598-8f31-e6e6fc6edcc2", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:95a58fde-665a-5f43-a165-72173a8a0873", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e9394e7b-4b8f-57bb-8239-22a565d13899", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ed8210a6-4c92-5b0c-bc34-2752bbcae94c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:af29ff44-d0a7-574e-a04c-852db89f6022", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:57aef4a1-a1ff-5629-8a5b-207e53790a5e", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:723ed0e8-81ee-520c-81e3-8d16eb5594a6", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d7e447a2-daf5-58a5-8d4b-837b90830ca0", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6b217d10-a8dc-588b-b7d7-4231b2d77427", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-api 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:387e6a0d-f688-53bb-bd72-64671984ca4e", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d6358773-8467-5294-8a9a-0ff25d2eb29b", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7a93c5cc-11a7-5dae-a4cb-3edb5b99bddf", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:82af5405-2bc6-5417-8b4e-fddc4e283c57", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-api 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ef96a404-8afe-5db9-887f-a75064ae199d", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:42f4a846-022f-5d7a-86de-bf8d86eebb85", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e6b30704-3006-5953-906b-af4fd6902802", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7660c6d3-d954-521d-825f-dd7d52410335", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9-tuxcare.4" } ] }