{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:1fb79f9b-ab35-5006-b391-5a428a651bc5", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1", "type": "library", "group": "org.apache.cxf", "name": "cxf-java2wadl-plugin", "version": "3.5.9.tuxcare.1", "purl": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:78221f81-9ab5-5c65-a654-76380f350cc1", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:f16470cf-82d8-5bf4-8f83-8cd944104efb", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d6576cf8-0fd0-51e8-bb92-fd001ee0d262", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:abc2ff11-c595-5768-bbd7-1f88c56045e6", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:c6de2d40-f203-5b04-a4cc-85b3a6bc2e57", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:1cd611ab-4c97-5ea0-93cb-f11dc95aeac5", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e185e5e7-2639-5844-8e12-d23682da9079", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3846a806-233a-5c0a-b836-3187907c671d", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:8695d49e-28dd-5072-9753-8549380844fd", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a44ebd44-e5eb-5333-82ba-f822a02bb7ff", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:0656d2e7-c4a2-54ac-9d5c-ae742b715a1d", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:beed7cad-16bd-5ff1-849d-4c49d3f7c8c3", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:39168f8a-f508-5adf-9e03-bca39f40a0d0", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:187e9ceb-094a-52bf-be7d-3534cb210d39", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:bfed0254-5035-55ca-b298-323923e417b0", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b99c9762-39d7-5798-9c79-5630ec5d2de0", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:dad256cb-0d24-5e1a-85c4-38f13af0fea6", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf:cxf-java2wadl-plugin 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:264f37f0-dcf2-5e5d-9a29-ec8b2ba1f107", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:d3b3dc81-8f0f-53d4-88af-7f600c5444ea", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:5aade5e3-cc5e-5101-9e48-63a8395d761f", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:3e4db98b-6a5c-5635-b9f7-3d9aa3ef6704", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:66a30461-310c-57c3-91c0-23a25b1d6b47", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:e1881349-7ce0-52cc-85fc-d2fddfe0ad05", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:17ea8bb0-3c84-594a-a508-c61ecb04574d", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:85554eab-66a1-5ece-8532-ca93efa7765c", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:a869a1bf-1dab-583e-aedc-42c3796285dd", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf:cxf-java2wadl-plugin 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:ad2d99ab-6f3d-5a7a-bccf-72f622c55edc", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:b15b78bb-2ec9-5ec7-be07-730fa83c881f", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4a6ab360-263b-54d4-8fb0-95c2837ad416", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:2876ad32-2591-5f83-bad1-7958c24c25a8", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf:cxf-java2wadl-plugin 3.5.9.tuxcare.1." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:9486aae2-f85f-5cfb-a9c2-eb09a6ddf77f", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:6830ea97-3e07-5f4a-9d00-0ffe49983bab", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:65f8cb14-01be-51ff-8213-d2a691d84543", "id": "CVE-2025-48795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48795 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }, { "bom-ref": "urn:uuid:4ff28116-07f4-5cc2-919c-7d54736b01e4", "id": "CVE-2025-48913", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-48913 affects version 3.5.9.tuxcare.1 of org.apache.cxf:cxf-java2wadl-plugin." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf/cxf-java2wadl-plugin@3.5.9.tuxcare.1" } ] }