{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:734fa0dc-03a2-599b-b153-ea2e3767caa1", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf.services.wsn", "name": "cxf-services-wsn-core", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:bb863ada-3af6-5a29-9439-fcb29f3592c1", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:71c30e0d-eb15-5110-92ec-9ce09c15b0fe", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6e3178a6-4f37-57a8-93c3-75eea51fc0b8", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8f767663-0dff-54b0-9e8e-88d372eee568", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b204b3fc-d80b-5a5a-8128-9471b6564aee", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:20b6a14c-3d68-563b-bf6f-d89e17161565", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ac41af6-452d-5676-8e1c-5ff7e4f06583", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:555788cf-fe6f-5fec-9c71-245c94162eca", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:390ef821-08b9-5b3f-8ced-38e8fab3acbc", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0afa08d-b827-5a5c-a306-e22bc7119d48", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:466cdac5-d20d-568f-b22a-0eeb825fc0bd", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:74e4f158-c88a-5155-8127-a7969ee47a9f", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4210a45c-ac5f-53ba-8dd0-4a388f519e59", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dfca1c4f-1df1-5e05-9702-c59defcfa1d1", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4e5f7c0c-9071-548d-95d2-01f626b37b2f", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b820a081-5b6b-504e-9474-c01fcc5c411b", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:206250c4-9d11-5d3e-bdb7-c1aac06cd3b8", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-core 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0b425064-ba8c-508b-b408-e3b85ee915e9", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f18e6d66-8ee5-534c-a5db-fdc9740b6139", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8d122a86-23e4-5d37-9fa7-9c6e65738e3a", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6a42fece-6464-5b07-aa06-c902df11e8ea", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ca205387-24af-528a-88db-5cbc8e50ad35", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:22788b7b-87ef-58b9-9517-0903bdae3c84", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fd815e36-5be6-5d7d-a5ad-f64da058dbdc", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a108f23c-0196-54bf-9d2f-4fe5eb643ffe", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5c3fc3dc-9a18-545c-b5d5-a38e3c7a24fb", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-core 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0324eaef-d702-53ba-9109-323c77f37167", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:069ce83d-7d33-5d46-a23f-b9b80a9c633c", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2ee9474e-2650-57d0-adc6-50c79f842dc5", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aa73c8ec-e08d-593c-9aa8-64f540c46010", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-core 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e18a7dc9-e80c-5df4-bf48-a29797a5badf", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:92b62439-d00f-550a-bd3c-c4cea657ab7e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:29080e13-d9cd-5d46-a7b2-934f1df85870", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:339fb45c-48d9-5a4b-89ab-902ec85f3cb9", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-core." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-core@3.5.9-tuxcare.4" } ] }