{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:6fba5d74-027e-55aa-a106-6bad5ab5156a", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2", "type": "library", "group": "org.apache.cxf", "name": "cxf-java2wadl-plugin", "version": "3.5.9-tuxcare.2", "purl": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:dcf2c4c9-6f92-5d99-9cca-9c83dd1ed1dc", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4495c788-db3d-5565-8d39-29aca40fcc02", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f4b10ac7-7bd8-5bb9-ba43-781b7ccdbf3e", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:5b6ff909-5b57-5d91-a717-ed6034ee2477", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a2a400e6-6828-5233-998e-b83b10d60a72", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:cb85a75a-a7dd-5e27-87cf-3c02dd1693a1", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ecdbf20d-7f06-50a1-a290-b424620c7c83", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f3864b27-359c-58d6-8e34-ef496839b125", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a66e3bb-2322-5321-bc48-fa9e76f1e27f", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7bd7d491-f40e-567b-afb6-d1d7881aaa56", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:740d697b-d492-544b-ba10-b2932515cedf", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ea1fea79-6afa-535b-94c8-b3ab754a4023", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d7c47a50-2f7f-5fdb-9136-c6361dd616d0", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c225f1bc-6aa2-54e3-9201-a4b3e65ad529", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0149ad5d-b295-5707-acd0-2c45001ced76", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:65d77e60-8859-56e8-b3f8-f7659ac7b709", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:11bfc096-f8af-5129-8d32-bdee1169c732", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-java2wadl-plugin 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:8ba2f53b-8889-5175-8682-28f11699673e", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:edab4a75-b767-5a21-8f73-ab2ca4c78965", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:15a41ee9-c763-51fe-889f-55ba765391fc", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a0e91860-04e5-5b57-9d67-fd5161b38c0a", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:74411ed9-fef7-5cc9-8ff7-50406e2cf66d", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9cb19ff4-2bfe-58c7-aec3-948a1e302939", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ed091e4e-4930-53fe-ae95-efd588fca2a3", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a5bb18f1-cd63-5e59-af9a-1e87abc231a9", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:90153e40-983d-5342-8911-6b53be16e6eb", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-java2wadl-plugin 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9091d715-b2c5-536b-a786-b7046ae276b7", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:9efba24e-56ec-5d37-859e-fbec2b2745e2", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ffed6985-cfbc-5d82-97a8-9d14cfb6a378", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ad2e8f4e-6483-5abd-9aec-6e8c42c400c9", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-java2wadl-plugin 3.5.9-tuxcare.2." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6839d68d-4c2c-52be-a72b-6cf9bb6cc1c5", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e2e7befa-00e2-505e-a02f-e6c47faf4b63", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:656829e1-05a7-5938-b79e-ef994df46547", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0b18a8e7-f352-53d5-b27a-6ca65642e6ab", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.2 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9-tuxcare.2" } ] }