{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:e5df13a2-abb0-5445-8491-c247e9376a16", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.services.wsn", "name": "cxf-services-wsn-osgi", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:aeca2c05-2ec1-52b0-bff1-45af314ed22a", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:57636bd7-624e-5510-83f5-8874c736b830", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:3d97a5d0-e37e-5861-8d1c-6beaa4c0f618", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:afd979ee-dcf3-5a67-9877-f472f4e83ec7", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:dc15b1a8-0a38-5ddd-8d46-96e0d3f7e244", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f4a9dd40-369e-5349-8814-d2cb46fec5f4", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:29eed45f-6299-5708-89c1-c04cdc1d5104", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e72e5487-05e4-5635-be5f-0164063f4645", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6b025059-f716-5867-abc6-c1431bd33039", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8cbe4bc7-f9f7-59d6-b221-078b3f41b763", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9ad684cb-caaa-5ff3-a400-cbfeba6a40da", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:457324ac-d3d7-5ef5-a9a1-0925dd69921c", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a8610a23-0591-5bde-b0a3-87f928b86275", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5f9ff61d-7825-5dcf-9f40-60f887f6d116", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b356e009-ae60-540e-afdb-bb69df8d1051", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f2224e8b-b1f5-5f89-b15a-e3bc751868ac", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e8e9ed78-1d8f-5397-9057-aad823edd94f", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-osgi 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:456d9ded-535a-50cb-ac24-02de5d7aab6a", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9929113d-5ff9-5216-b750-f6e0ea71f403", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:bc02aef6-a89e-5fe9-abb7-9bfbab2f6e5c", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:69a76347-9756-5fc1-9ea4-828411592659", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:aa86b0b5-6ecc-50da-bc77-c13c5938bc11", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:216a2d81-212c-59b0-af06-08fe27cbac58", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:09d04f7c-de80-59bc-b6be-e347b1408132", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:32c2b21a-e4e4-5c63-9192-32a28dd7e7e6", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cbde0a59-a8fb-52d0-8c25-484a9f6ecd0e", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-osgi 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:85cf125b-6faf-568f-b80c-20e93e3d56bd", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b4a2f9b1-f4d8-5117-9566-bff26e4e6f5b", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:543b270d-a707-5077-8210-7b6d6b1a746a", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:579fa4bd-ca66-5a42-a0a2-802a72f2e625", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-osgi 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2a78503e-0cf4-525a-a2c8-30da674d3b25", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20891e45-f144-563c-b299-5c08b4253568", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b790d484-ef6b-5ed0-8081-773473ca8bb9", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:01d5a646-9c47-554d-bff1-ae003cf76553", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.2" } ] }