{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:91a1f3a9-cd96-5840-b94c-656fc2e27851", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf.services.wsn", "name": "cxf-services-wsn-osgi", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f42e8e42-e4e9-52b2-a9da-55a982054f27", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:34d8c3ec-83df-5975-b36e-72ba20cd0c98", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:165e1a17-59c2-587b-87e8-5c077dc328da", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:52d7f5dc-0cc4-511f-a553-40060ec626f9", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e7627b60-fac8-5e32-ac65-6a0afb272c98", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:18b6336d-101f-5e12-9c7f-0ad019dc6ad4", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6768cb3c-cb22-5462-b739-662576a3dc9a", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b3a7ce45-6c49-506a-a178-464a8bd812e4", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:75c163d3-6f89-524f-84b6-3b53d2e8d2d3", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b04883a0-ae14-5630-83e9-59b77e047787", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:0c8532c1-f863-5771-b06e-fbf0012b9fd7", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e337f3bf-9187-553c-b795-008a55b41965", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c3868469-b0ef-55a2-855e-d08005ec8065", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:2cbd6ce3-0cc6-5a5f-bfe2-929753d45480", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:105057d0-3ef5-5a37-b00d-547e3a46c8d9", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b5062bf-ed13-59f3-8883-c71266feb129", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:43980a82-a120-5e02-aab6-5169f49eb01c", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-osgi 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6cbd0d0c-b98e-59b0-ac7a-25b3314a5467", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:28b16ac8-4d45-5020-82b7-b8b8cee8fb93", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cfb005c3-0d68-5085-b93f-96a2e0efabb2", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a495e36b-6e4e-5efa-8200-303af117231c", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d6fecdd2-f3f5-574e-a319-117abc3352e5", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:c56e9194-9380-5eac-839d-c109156d9c8d", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d299c69f-8a2a-5a18-9c15-50cc778e4967", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:68102c1c-8a77-5341-bf96-2f4d459496ff", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:592ccbe7-a30e-5b8b-8193-8289fab82189", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-osgi 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ca4f341-d90a-5702-ad9c-1bef10ce190c", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d0982c33-5f31-518b-b6b8-2e2f647a871c", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07d4f8ad-33f2-5d45-b498-083e45cbb202", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:85a66fd8-caa7-5807-af08-e1aa67ccee40", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn-osgi 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:36303bd5-e71c-5706-8287-5db94cbb65aa", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d6d0c34d-b288-5304-a537-0e96c8b8ff95", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9e23df4e-f3cc-5525-9029-33ef227d5e4e", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:352b7cb4-e2ce-5ac7-811a-a8c6ce939365", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.services.wsn:cxf-services-wsn-osgi." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn-osgi@3.5.9-tuxcare.4" } ] }