{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:3b11961a-310b-5101-bde0-f7615c57c74a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf.services.wsn", "name": "cxf-services-wsn", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:ae904e6f-c0f8-55bb-9a95-8f1d86e4df0f", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4b7e91a6-c2f0-5dab-936a-ad1d4a16ec57", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:648d8a19-0d68-5b32-afd0-a96529ba3a96", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f9bb9f0d-dea5-5501-9c01-860fe1818f5f", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:abd4e156-19ac-59a4-a548-c58fedb907b2", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:70b320dd-372c-54bd-833c-a6e0b0ad9a00", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:55b7f769-2735-5ba8-ba0c-d1c0cb74c603", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:849eb7bd-a1b0-506b-bdc8-39287b0efe0a", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9d993e41-a724-5f31-b044-885635f55b9e", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a59db65d-f237-50f0-a997-b076e5b73048", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1967de35-182c-5b58-9d02-4e23fe5ca99f", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a64c1e5a-cecf-57b4-856d-234aad5b99b7", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:db508edd-805e-5278-a42e-8baddbf183bc", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8edc281f-19b9-52b5-bcec-c5ec88b29c1e", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1b4dfa10-b3be-540a-b5e6-6e0860429ebb", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:546fc01f-4b34-5f42-a693-9a7956976c26", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1bf6642f-eae9-5855-8741-30f6654bdbed", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ee85b3a5-7155-576d-87b4-41cdcd06dac0", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed652559-6b7a-5b5d-9f1b-2254beb5b0d1", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a1662512-7b62-5932-9b85-b5f236df002b", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e009ec5c-034d-5fed-b41d-f2fb5e2f83af", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:b8207d5f-c02f-5f11-9e3c-6c763cb0748d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08b4be94-26e7-5c33-bd63-8c3e362e3600", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c6107518-c526-5cc9-950e-2b85552d30f2", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ec9f81b8-3597-55c5-b2b9-8333db4246c5", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ba608c0-9496-599d-8a17-1fc59fe60a19", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7d96125d-0ff0-53ad-97c6-04d729707866", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ace01663-b4cd-51eb-bc01-2cb93a29d9e8", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:539867e4-6451-5b02-9d9a-a7200a22804c", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:21e96663-2fa2-5632-8520-7b0551a9b004", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.services.wsn:cxf-services-wsn 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9c229e1b-5b97-5c96-b1ab-445cc6e9dcb2", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:fd050cd8-d2d9-535a-b02a-fd2935d5729d", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:025e92f2-21dd-5660-8020-9da853ec1af9", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:235de9c8-65e9-5618-8e09-aaf10f29a680", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf.services.wsn:cxf-services-wsn." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.services.wsn/cxf-services-wsn@3.5.9-tuxcare.2" } ] }