{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:832a4485-af9e-551e-946e-dbb48cd733dc", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-ws-security", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:2f652192-58ba-5ac9-9b38-0631c06db439", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:73367034-0277-5112-919e-81b484c9fb3c", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:928da878-9c73-5bc8-bff4-a988653820f4", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d34e88fd-f4bb-5161-b69a-e4550055edaf", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:41aa2bde-24e4-5f58-a36c-f6e2642979f6", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:9208d39c-ae8a-50d2-b01c-8c9da566f056", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7f9ac09b-ff6d-52f2-916c-0d0601d6360a", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:caaf584e-c08e-59dc-8660-a7fb6ce33e39", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:49bd9e66-227a-5c65-830e-37088c141382", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:d8ea5c61-d9e6-5bb9-88ac-680ea3c63755", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:87ce7457-a782-5e06-b5a5-d1c5e5fe59ea", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:89e5c157-ec72-5ece-8b64-5fe6c56d3f92", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:940c4e21-9a6d-526a-856c-01ad52f4eb7a", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:22bf65dc-eebb-5334-aa3d-5b12aa183f51", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:be384bcc-2dce-5312-aaa6-40d0ca5fa95b", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0476cfd-19a5-5db9-aada-6917f86bdd39", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:fe5c7e05-66ed-5112-8d2d-a876b89000f9", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-ws-security 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ddc51532-97d3-5849-a425-f6bb505a49c9", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e6a14e25-7b56-5369-ae8b-8d5b80c98090", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:669e39cc-2d38-541a-93e2-2144529abac2", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1b638e5d-a871-56ca-a756-9effcfd4d278", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6de02665-2da8-5830-8eed-43f48d8a0597", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:cc893030-43d4-55bc-a0f4-ec27415cc33c", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4a9992b3-5702-55fb-8cc9-62ebeff5c3ca", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7d6dc488-0a89-529c-b0b5-98d8504a5d61", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3f9e6643-53c3-5456-8e44-675a7c17c7dd", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-ws-security 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f8e122f2-22e7-59ec-bc1d-39958cca8520", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4689b0b7-2098-5fce-9b73-55e0769d70c2", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7497c6a2-fb2e-5235-8cf8-e737c1a868d0", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:232bd9db-206c-5918-a730-94aedd5f519b", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-ws-security 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:62913a72-87c3-5e89-a219-a07a1bafd88e", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:04edee8d-5099-5cc5-b262-477294ae09dd", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:ff0b8b78-01d7-5cca-8dcf-7128a1ef8876", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:480c24ab-59b8-5273-9ee0-4cc203a1201b", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9-tuxcare.4" } ] }