{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6723cbe6-3d4d-5fc8-98c0-1fb0c6dbf47a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf.services.wsn", "name": "cxf-services-wsn-api", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:cf4ddf14-37ee-5d5b-a107-e31d466f93fe", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:29c9b59c-0a04-59dd-9232-5de441efdd1a", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1835dcb0-489e-5f19-81f7-89bc5b7c813a", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:339928ac-f8e4-5c17-9f09-75ff63409ca4", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:091b1e5f-8018-5491-85e2-403746bdfc4f", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9c429e30-39c1-5ecc-833d-c0274d98261d", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6d8e870f-cc68-574c-89d2-b2bad614d41a", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b56b2549-8b64-5762-95bc-d69e11981b01", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e75d3a7-d3db-57b8-b845-c55755f909c5", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a1248b1c-3921-56b9-b297-861f3fadea8b", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1ae1fde6-822d-5f6d-b787-7ac691e56969", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04c41304-efa7-5970-91c5-279a576ad86a", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:383f1906-1322-55c2-93aa-fa963cff1b52", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b3b08faf-fae5-5ebb-a2f5-88dfa4d244a1", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f1ede55f-4f18-5125-911f-d8e63a40857e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:855a3eeb-84b8-5e01-b640-7b021b813259", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ede11aa9-fc78-5feb-a266-07ebb820011d", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-api 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2b5aa5c9-528a-5106-8e3c-84da8ed5877c", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:48242052-07d4-55d0-b443-970751eb3a8e", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1c7fc5a0-5638-50e5-a996-b8743fe93410", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a929a4d8-9c11-538a-92ca-38a2eabe78b7", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2505c4fe-75be-50c3-8edb-04beb0181ce2", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9f78c8d4-e2d5-5a7f-b70d-e4471145c4e4", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4526b791-f3a2-520a-824d-3c692a4e8fa7", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c7640141-d6cc-5272-ae95-c14981365137", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7592dab6-092d-5331-a090-edade764b427", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-api 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:05702b28-7660-5a6f-bf53-ac8e943a44cb", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8e18f629-968a-5e74-b6eb-ccf9dd8b7775", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0363b715-f857-5fa6-857e-fbed907aac89", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:7b7072cf-4df0-5586-8c22-ae2022318f2b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-api 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e794948c-e4d6-542e-ab1f-f40d52e4d20a", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2e9e7fa9-a195-5268-9821-65773d95d4a9", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e40940e3-b60e-52f6-9178-8ff80f2d3b60", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f14d059e-4c1c-579c-ae91-bbc8d50aca80", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf.services.wsn:cxf-services-wsn-api." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-api@3.5.9.tuxcare.1" } ] }