{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:aae4162f-810e-5407-b27a-64f702c60bac", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-ws-security", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f5d7e0b8-0c50-5460-ad5e-0314109fddb3", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:098d131e-070e-538f-ab68-e9b8cbe33846", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e07623ac-49ef-5c49-8fd8-b59267eff1ac", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:86b4d538-eb99-5546-904d-6aa00d971921", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5dab75e4-0f43-5683-8a45-7a41952cee92", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:cb9400f1-0760-5584-bf6c-8b32007fedc3", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3b58d3ca-0510-5238-a4fd-a332779ca099", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:63737c49-17eb-58d8-b0c8-dc2f9ee06890", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:393a7d9c-1d90-5591-a0c8-e37f8c04cf33", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:34b99af1-7632-5a91-a6d8-466459e1d0c4", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:758580f9-7963-5256-a96e-0f5986edece2", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:597222e2-d382-58c5-9800-e5785c103f7a", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:95f530e2-7c61-5b12-92de-d3325e0e6cf2", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f339af3f-9c8b-5fb7-a877-841aa4bb80b3", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f458d365-e581-5dac-a368-cb4b6a81057e", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9d749a4b-a9d2-5752-befb-7d63a79327d5", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:000d9ce0-e64b-5129-b2ff-21db4a3f16e0", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-ws-security 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c13a46e2-e253-5f2e-a718-91536f78add4", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:04d8d0bb-1b1d-5009-9a73-663838e973ef", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f288f11d-40b9-5ebe-821a-e5f95c7abac5", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5e23e5c0-2577-5e7f-87e2-f766e3d618e7", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:33ce0515-0d4c-5fad-abb5-fa29fa4d498e", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0da12a09-f9e0-5004-96ae-2f16b6120f95", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68e369f0-a68e-5315-8304-f1b7edae70aa", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:acdec58d-8191-585b-bdf8-7287a62945a1", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:761b7512-3993-5d1d-9df0-19678ac0a2d3", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-ws-security 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0a06388c-e8e0-58dc-89a4-f9e5be8aa693", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2286f223-bd66-5180-b871-09f2ced465f3", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:68e3b21d-e525-5791-baf3-7f5f279848cd", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ce0f7635-ac68-512f-ba0a-ba350d7dfdeb", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-ws-security 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c0f3b531-cdc0-51eb-96c3-47d9dadc7ff6", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c98208f3-16ec-585b-a44b-b6b3e9eedb3e", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:88019f47-86cd-531f-a58f-e9d640f2be8d", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c40ba741-7226-570c-ba1d-c6f00a0cb6e1", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf.systests:cxf-systests-ws-security." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-ws-security@3.5.9.tuxcare.1" } ] }